This section of this website consists of two long pages that deal in depth with computer security. By reading this article all the way through, you will be provided with all of the information you need to keep your personal information and your desktop and laptop computers secure. The criminal hackers who are after your personal details, website user names, passwords, etc., in order to be able to help themselves to your money or use your accounts, are having to develop ever-more ingenious ways of fooling users into providing them. Therefore, computer security is something that all computer users who go online have to keep themselves constantly informed of - that is, of the latest developments with regard to both the latest protective measures and the latest criminal tricks being employed. A Contents menu has been provided below that covers the main items on both pages, but there will be plenty of very useful security-related information interspersed in blue-coloured tables that you will only be able to find by scrolling down the two pages, which have been made as easy as possible to read.
Click here! to visit the page on this site devoted to networking and Internet problems and their solutions, which includes security problems
Click the relevant link to go to that information on this page or Page 2:
Visit our Facebook page - http://www.facebook.com/pcbuyerbeware.co.uk - to read informative items going back in time that no longer appear on this page.
“Some amount of surveillance for law enforcement and intelligence, properly designed, is valuable to keep us safe. But when it’s too broad, it violates the privacy rights of millions of innocent people, and can even undermine our security.” — Chris Riley, Head of Public Policy, Mozilla
Government surveillance explained - Get smart on the web -
November 17, 2015. - Google's mobile operating system, Android, powers more mobile tablets and smartphones than any other, including Apple's iOS operating system. There are many versions, code-named after candy and cakes, dating back to 2008. The current version, first released in 2015, is called Marshmallow. The following Wikipedia page provides information on all of the versions.
Android version history -
There are so many devices running the many of the versions of Android that Google does not enforce the delivery of security updates by the device manufacturers. There are so many makes and models of Android devices and most of the manufacturers do not provide upgrades to later versions or to the current Marshmallow version, mainly because it involves work that hits their profit margins and so they would prefer customers to buy the latest devices, which is a bit of a cheek, because even the cheapest devices are not that cheap, but they are not expensive enough for the trouble and cost it takes to provide upgrades.
In 2013, I bought an inexpensive Tesco Hudl tablet that runs Android 4.2.2 (Jelly Bean - 4.1 to 4.3.1 - 2012/2013) that came with a leather case for L129.00. It works very well but it still runs Jelly Bean. Tesco will not be updating it to any of the later versions and Google has stopped providing security and browser updates for Jelly Bean (4.3 and earlier versions). Consequently, I own a tablet that is full of unpatched security holes. Fortunately, I just use it for testing websites, but many people could be using their insecure devices for accessing websites that only require username/password entry, such as PayPal and Amazon, which is definitely not advisable. Banks require user input, usually a number generated by a personal device that can only be used once. Even so, I would not use an Android device to access them from a website or by using an app. Note well, that unless the bank is to blame, users are now being held responsible for fraud perpetrated on their accounts.
If a security hole is discovered in Apple's iOS mobile operating system for phones and tablets, Apple merely has to provide all supported devices with updates automatically in the same way as Windows Update provides updates for all of the versions of Windows that Microsoft is still supporting. Support for Windows XP ended in June 2014, so no updates are provided for it, but it is still being used by many millions of PCs.
During the time of version 4.1 of Android (Jelly Bean - 2012), Google started to develop Google Play Services through the Google Play store that updates certain features, avoiding having to provide an upgrade to versions of Android in use but not being upgraded by the device manufacturers. However, all Android devices running version 4.4.4 (KitKat) and older - that is, most Android devices - have a default web browser that is very vulnerable because Google can't update it. Users of those version should download and install another browser, such as the mobile version of Firefox, which will update itself.
You can find out which version of Android your devices are using by visiting http://whatismyandroidversion.com/. The site tells you that information immediately if it detects a version of Android.
Android now allows its users to see which permissions an app requires before installation, but provides no controls, just take it or leave it, whereas Apple's iOS allows users to choose what an app is allowed to access. The image below shows what the Android version of the Avast anti-virus scanner requires to access. Identity, contacts, location, phone number? Why does an anti-virus app need that information and are you prepared to allow it that access? Personally, I am not that willing, especially given how ineffective anti-virus apps are at protecting Android, compared to how effective they are at protecting a Windows PC. I have never fallen victim to a serious virus or phishing fraud on a Windows PC because I apply security advice religiously.
Anti-virus apps are not very effective in Android. Windows allows anti-virus software the low-level access to files and system files that makes effective scanning possible. Android can only restrict apps to running in protected sandboxes, which have restricted permissions; it cannot allow an anti-virus scanner the low-level access required to scan files for malware. In fact, if malware exploits a security vulnerability, it is running at a higher permission level than the scanner. An Android anti-virus app just reads a list of apps and checks their names against a list of known rogue apps. It can also monitor online activity and prevent the user from visiting known malware-infected websites or from downloading apps known to carry malware infections.
Fortunately, Google Play scans all of the apps it provides, constantly looking for malware. That is why most malware is downloaded outside Google Play. For example, Chinese apps can often contain malware. In any case, it is wise only to use Android devices that receive the latest security updates directly from Google, such as Google's own Nexus devices.
I would not use Android especially or Apple's iOS to access any account online that requires only a user-name/password login, or even a bank account that requires users to input a number generated by a machine provided to them by the bank.
As soon as you buy an Android device, it is highly advisable to access its Settings app, because otherwise you will be providing Google with all of your personal data stored on that device and every other device or PC that you access your Google account on, because they can all synchronize their information with each other. So, the information on your laptop is provided to your tablet and phone, etc. You can turn synchronization off, but you have to do it on all of your devices that access your Google account.
In my opinion, it is outrageous how much personal information Google lifts from smartphones, tablets and PCs in order to use it to entice you into clicking on ads placed across your path on the web. You can choose to have all of the settings turned on or off, but you will have to trust Google that they are off. Personally, I don't trust Google period due to the long history it has of acting very deviously or illegally in order to obtain information or promote or sell its own services and products ahead of others.
The following website provides good information on Android's Settings app.
13 Things You Can Do With the Google Settings App on Any Android Device -
May 28, 2015. - The Flash Player is now producing a warning, shown in the image below, when you install an update stating that if using Google Chrome or the Chromium operating system, mainly used on Chromebooks, the user has to use the online Global settings webpage not the local onboard settings to set the Flash Player, via the Windows Control Panel, which includes allowing or blocking the use of the camera, microphone and allowing the website using the Flash Player to store information about the computer using it.
The default settings block nothing (allow everything). This looks to me as if Google is setting the default settings so that it can collect the user's data, which could include taking photos of the user and even recording conversations, and is making it as difficult as possible to block them. After all, how many Google Chrome web-browser or Chromebook PC users are going to visit the Adobe website's Global settings page if they don't even know about what the default settings are and what can be blocked.
I block everything that can be blocked on my Windows computers. The Flash Player can also be installed on tablets and smartphones that use the Google Android operating system, which means that you will have to visit the Global online settings page to set those devices. I think that users should not take this potential very high level invasion of their privacy lightly. I go as far as placing electrical tape over the camera on my laptop. I disable both the camera and microphone in the Windows Device Manager, but the Flash Player or other software could enable them.
I set the Flash Player to ask me before installing updates instead of the setting that installs them automatically just in case installing updates restores the default settings that block nothing.
"If you are using Chrome or Chromium browser, to change the Flash Player settings, use the Flash Player Online Settings Manager.
"Note that if you have installed the PPAPI version of Flash Player, you must use the Flash Player Native Control Panel to configure your update settings. If you are using Chrome, you will get the updated versions of Flash Player through the Google Chrome update mechanism."
Flash Player | Change Settings | Chrome, Opera, and other Chromium based browsers – PPAPI -
Global Privacy Settings panel -
March 4, 2015. - Kaspersky Lab discovered the spyware that infects hard disk, SSD or flash drives by reprogramming the drive firmware, which is the permanent software installed on a drive that makes it function.
The source of the spyware infection was named as the Equation group by Kaspersky Lab, but most sources are naming it as the US National Security Agency (NSA). For example, one of Computerworld's headlines is: "There is no way of knowing if the NSA's spyware is on your hard drive."
That is true. Anti-virus/anti-malware scanners cannot detect an infection because it rewrites an infected computer's hard drive's firmware, which kicks into action as soon as the computer starts up. There is no way in which that firmware can be scanned and formatting or low-level formatting cannot put things right because the firmware is not changed in any way during any kind of formatting of a drive.
Kaspersky Lab has stated that the spyware has been discovered on hard disk and SSD drives made by all of the major drive manufacturers. For that to have been achieved, the spyware writers would have had to have the firmware source code from each of those manufacturers. Therefore, the question now is, how was that secret source code acquired?
Could it be that the major drive manufacturers are installing the spying firmware on to their drives in the factory. If so, even if the user downloads and installs the latest firmware for a particular drive to get rid of the spyware, it will be reinstalled along with it.
Western Digital (WD), second only to Seagate as a major hard-drive manufacturer, has denied any complicity, stating that the integrity of its products are of paramount importance.
The reprogrammed firmware is able to reserve disk space and download and install several types of spyware. Kaspersky Lab has stated that it has discovered computers infected with one or more types of spyware in 30 countries, mainly in the East, Middle East and North Africa, including Russia and China.
The firmware reprogramming had only been detected on the computers of a relatively few targets, very probably the ones that would supply the most valuable information.
None of the stories on this security vulnerability states whether the infection can be removed or not by downloading and installing the latest firmware from the drive manufacturers' websites. Firmware is specific to the make and model of drive it has been written for. This might be because the downloads are infected. I'll post if this aspect is ever clarified.
February 21, 2015. - Kaspersky Lab is the developer of the highly-rated Kaspersky security software.
The company has spent several years uncovering what it calls the most sophisticated malware ever created by using expensive tools that has been active for almost two decades, naming the perpetrators as The Equation Group.
The exploit rewrites the firmware of the hard-disk, solid-state and USB flash drives, used by computers or attached to them, in order to gain control at startup and loads its malware on to sectors of the drives that cannot be formatted or erased in any way, which makes the infection permanent and invisible.
The following article on the Kaspersky Lab site doesn't link The Equation Group to the US National Security Agency (NSA), but the articles linked to under it do.
Equation Group: The Crown Creator of Cyber-Espionage -
Kaspersky Lab Researchers Reveal Hidden NSA Spyware On Hard Drives -
Russian researchers expose 'NSA's secret weapon': Outrage at program that enables America to spy on EVERY home computer in the world is uncovered -
July 10, 2014. - The Windows Secrets newsletter has dealt with what it considers to be the security baseline that all PC users should be aware of and practice in order to stay safe online and protect their identities. Here are the 8 steps that are dealt with in the article linked to below them:
If you want to give those with short attention spans the basics of PC security, send them this list.
Step 1. - Have a backup solution.
Step 2. - Use unique passwords for each site or account.
Step 3. - Have a hardware-based firewall in addition to the Windows firewall.
Step 4. - Run — and keep updated — good anti-malware software, both real-time and on-demand scanning.
Step 5. - Have alternative browsers and keep them all updated. Consider using alternative search engines.
Step 6. - Applications: Either patch 'em or remove 'em.
Step 7. - Don't run in administrator mode; set up a standard-user account.
Step 8. - Consider using a tablet-style device for recreational websurfing.
Revisiting the WS Security Baseline: Part 1 -
Only ever trust security warnings that are produced from the System Tray/ Notification Area in Windows. Even if a security warning seems to be produced outside that area by the anti-virus program that you use, don't click on any message that comes up, not even a Cancel button, shut the web browser down immediately by pressing the Ctrl+Alt+Del key combination that provides access to or brings up the Windows Task Manager, which allows you to terminate any running program. Hackers know that many people use the free malware scanners so if they create a message or presentation that seems to have been produced by the one they use, they will trust it and initiate a fake system scan that delivers real malware. It's also good insurance to create a master image of your system on a regular basis, which the Backup programs in Windows Vista and Windows 7 can now do, and save it to an external hard disk drive that you should keep disconnected from your computer to protect it from a virus infection and in case of destructive electrical spikes or lightning strikes.
If you apply the PC security measures provided on the pages of this article, you shouldn't experience any security-related problems, and, if you do, you'll know how to fix them.
It is imperative that you keep any kind of computer running Windows (or any other operating system) fully updated with the latest security updates. When run, the Belarc Advisor, under FREE DOWNLOAD on belarc.com, tells you if your computer has all of the available updates installed. It also provides a System Security Status report that gives your computer a security rating out of 10, created by the benchmark tests of the Center for Internet Security (CIS), which is at cisecurity.org (available for Windows XP Professional, not Windows XP Home).
Smartphones and tablets are now small mobile personal computers that can be infected by virus and other malware infections in the same ways as desktop and laptop PCs. You can be caught out by scams or infected by malware when using a smartphone in exactly the same ways as any other computer usage.
Google's Android is now the most commonly used smartphone operating system that is now being targeted by cyber criminals. Google also logs all of the information that your phone company logs via its Android operating system and uses the information and information it has gathered on you from your use of its services to serve you with customised ads. I personally find that an unacceptable invasion of my privacy, so I only use a standard mobile phone that can't access the web. If I had to buy a smartphone, I would get an iPhone or a Windows phone, because with those only your phone company logs your calls and web browsing history.
I personally would never use a smartphone to access bank accounts, PayPay, Amazon or any other website that holds data on you, such as your credit card number. I only do that from a home computer connected to the web with a wired, not a wireless connection, with private browsing enabled - all of the main browsers provide it and it has to be enabled every time you open the browser - and my router's hardware firewall enabled. Better still, only access banking websites using a Linux boot disc as detailed below. Most web connections are now provided by a wireless router around which a home network consisting of wireless and wired computers (desktops, laptops, tablets and smartphones are connected.
You can run a free malware mobile app scan on this company's website [March 2014] :
August 4, 2013. If you access a banking or shopping site that hold credit-card information from a link provided by an email, you run the risk of passing your login user name and password to hackers, so always log into them directly, never from a link in an email. Most banks now require that the user inputs information provided by a programmed machine or from information supplied over a mobile phone, but website's such as PayPal only require an email address and password in order to log into them. It is easy for hackers to find out what your name is and send you a very convincing email with a link to click asking you to log into, say, your PayPal account for some reason, such as a failed transaction. The link can go to an authentic-looking but phony login page on PayPal's site, but you are really only sending hackers what they need to log in to your account. After you have logged in to the phony site, it usually sends you to the real website saying that you have to log in again because you entered the wrong information. Below is an image of what the message in such an email looks like. The phony link is provided the button that says ADD BANK ACCOUNT. As you can see, the email looks all the more authentic by providing my real name.
June 12, 2012. - The best (safest) policy with regard to online banking is that you do all of your Internet banking outside of Windows and off your PC's hard disk drive. The best way to do that is to boot the system from a DVD disc or flash drive using a version of Linux such as Tails and the Puppy Linux operating system.
Here is what someone wrote about a common way used by criminals to gain access to your computer or network of computers:
"Keep getting phone calls from idiots in India purporting to offer free windows / PC support. Had one yesterday who claimed they were getting internet error reports from my PC and wanted to help resolve it. When I asked what my "ISP" was or even what an "ISP" was or what operating system was running on my PC he didn't have a clue in spite of the error reports they were purportedly receiving. Of course he insisted that I turn on my PC and go to a particular website, which I pretended to do but ignored in reality. I offered to save him the trouble of hacking into my PC and asked if he wanted my bank details, he feigned ignorance and that "actually we only want to help resolve the error reports, but in order to do so needed to take control of the PC". When I offered to call the police on my mobile and relay his call to them, he quickly hung up. Shame really. But I suspect the police would have said it was beyond their remit and a civil matter."
Yet another version of Linux called Tails is now available. It can be used from a DVD disc, which is unreadable, which means that its security cannot be compromised, or from a USB flash drive, which has to be set to read-only mode to be as private. In read mode a USB drive can be infected with malware and viruses.
Tails provides built-in online anonymity, built-in encrypted email and chat, built-in file encryption and a full suite of editing software: OpenOffice for editing documents, Gimp for editing photos, Audacity for editing sound and much more. Remember that to boot the system from a USB flash drive or DVD disc, the computer's BIOS has to have those devices set as the first boot device in its boot-order settings. Also note that the Internet Service Provider being used by the computer that you are using will be keeping a record of the browsing activity taking place from that computer, as will any search engine, such as Bing or Google.
Browse like Bond: Use any computer without leaving a trace with Tails -
Puppy Linux is so easy to use your grandmother could set it up and use it. It boots from a CD/DVD disc to which its ISO file (downloaded from its developer's website - http://puppylinux.org/) has been written/burned, or from USB flash drive, providing a full Internet-connected desktop in about a minute. It is not installed on your computer's hard disk drive and records nothing on that drive unless you ask it to be installed there (as Windows itself is). It runs in the computer's RAM memory. Nothing can protect people from providing banking login information over the phone or the Internet, but Puppy Linux protects you against every other scenario and it's a sheer joy to use. The only complicated things are that you have to know how to burn an image to a recordable CD/DVD disc and you may have to set your computer's BIOS setup program so that the first boot (startup) device is its optical CD/DVD drive. Burning an image to a recordable CD/DVD is easy if you have the correct software. This website provides free software and instructions on how to achieve that - cdburnerxp.se. The BIOS section of this website tells you how to set the device boot order. Then, whenever you want to bank using the web, you just boot from the CD/DVD disc you burned Puppy Linux to and log on with complete safety because no malware (viruses, spyware, key-logging software, etc.) can interfere.
I can still use an old Ubuntu Linux 8.4 boot disc (site: ubuntu.com, at version 12.04 in June 2012). It takes 5 minutes or so to load from the disc, but when loaded provides access to the web automatically when its Firefox web browser is started. The version of the browser is the version current when the version of Ubuntu being used was current, so it would be best to update the boot disk regularly in order to update the browser, because some banking sites might require the use of certain versions of a browser. Ubuntu Linux detects if you are connected to the web using a wired or a wireless connection and connects automatically. If you are using a wireless connection you have to enter your encryption key, which always has to entered when a new computer or smartphone tries to connect to a network centred around a wireless router/modem. If you suspected that your computer had been infected by a virus, you could run an online virus scanner, such as the one provided by Kaspersky.com. Look for "Free Antivirus Scan" at the top of the home page. This is also a very secure way of accessing banking and financial websites, such as PayPal, because malware cannot intercept logon information. An Ubuntu boot disc also provides access to plenty of other software, such as an image viewer and an office suite.
Web browsers are now also providing active security protection. Why it took so long for this to happen beats me. Apparently, Internet Explorer 9 (IE9) is more secure than any previous version of Internet Explorer. IE10, which comes with Windows 8, is even more secure than IE9.
The following article on the Telegraph online website provides 10 general tips on how to protect your identity. The computer-related tips are explained in detail in this article. You should provide as little personal information as possible on the web, especially on social networking websites such as Facebook, because that information can help give identity thieves and computer hackers what they need to hijack your identity, your computer or your bank accounts, etc. Banks have developed sophisticated almost foolproof methods of logging onto their websites, but a website such as PayPal only requires an email address and a password, so it is essential to use a strong password, because if your PayPal account is linked to your bank account and/or credit card, getting into your PayPal account gives a hacker access to those accounts, which would allow him to transfer money into your PayPal account and then send it to himself in Russia, China or somewhere else.
Never use a password you use for a financial site (bank, PayPal, etc.), web email account (hotmail, yahoo, gmail, etc.) on any other site such as an online newspaper, forum, Facebook, etc., because if hackers gain access to sites with low security, which is much easier than a banking site, they might be able to obtain your password for that site, you may have provided an email address, they will try that password to gain access to your email account. If it works, they can try using the "Forgot your password?" option on a financial site, such as PayPal, to have a new password sent to your email address. They will then be able to access your PayPal account, which can be linked to your bank account. Therefore, it is essential that you only ever use throw-away passwords for sites such as forums, Facebook, online newspapers, etc., so that if the hackers try one of them on your email account or any other account that requires a strong password, they won't be able to gain access to it.
If a hacker can obtain enough information about you, he can make good guesses at the kind of passwords you would use and if you keep a record of passwords you use on your computer, if it gets stolen, you must change those passwords immediately by using another computer, even if you have to use a friend's web access to do so. That is why you should disguise password information kept on a computer, or, better still, don't keep a record of passwords on your computer(s). Keep a written record and hide it somewhere safe. You can use a master password and change it for every account in a specific way that is easy to remember. That way, you just have to remember what it is and how I change it. It is best not to use a public library's web access to access your bank accounts or even social-networking websites, because the library's computer security could have been compromised.
Create strong passwords -
Windows Secrets personal security baseline -
The most important warning with regard to Internet security is NEVER respond to emails from a bank, financial organisation (PayPal, etc.) or online store that requires you to click on a link in it and then log into the faked webpage that will present itself in your web browser (Internet Explore, Mozilla Firefox, etc.) that looks exactly like the real thing, because the real banks, organisations and online stores NEVER send emails to their customers to do anything to their accounts, such as update it or check an overdrawn account, read a new message, etc.
Click here! to see a convincing email I received supposedly from the UK's HM Revenue & Customs, which deals with taxation and VAT. The immediate giveaway is that it doesn't use my name, but if you have just sent in your tax return and you get an email like it and you are not very web-savvy, you might fill in the credit card details it wants. Remember that no government department ever sends you emails asking you to fill in a form or enter any credit card details in order to claim a refund. If you are self-employed, your tax form provides an option that must be filled in providing a bank account in which to pay a refund. But PAYE employees and taxpayers don't fill in a tax return and might be tempted to send in the form with the information it asks for. The taxman sends any refunds by cheque directly to the taxpayer's registered address.
You should also never respond to telephone calls such as the one reported by a computer forum poster:
"Today someone phoned me claiming to be from Microsoft support informing me that Microsoft Security Essentials anti-malware software was reporting my PC had many errors caused by a virus and that is the reason I had a slow connection recently. Microsoft never does this but he was convincing. I had also heard about similar stories. He requested that I should check my error log by right-clicking My Computer => Manage => Computer Management => System Tools => Event Viewer => System and I would see them."
"This is how to view the Event Viewer in Windows XP, which is still the most widely used version. (In Windows Vista, the quickest route is just enter the words Event Viewer in the Start => Search... box to be presented with a link to it, but there are other methods.)
"Note that this report always shows some errors and warnings even on perfectly normal PC systems. These people know this but most users do not so they can be convinced that they are genuine callers from Microsoft. He said that he would fix them by sending me to a known website, which was genuine, and fix this by utilising TEAM VIEWER which was available there. I am aware of what this program can do, but was suspicious as he had an Asian accent and even gave me a phone number to try to convince me, but when I tried 1471 his phone number was unavailable. He then tried various tactics such as speaking to his technical manager who would confirm his identity. Finally, he gave up, was very agitated, and said he had many more people to call to fix problems like mine. If anyone followed his instructions no doubt he would load spyware on to that person's PC that would allow him access to the computer to steal passwords, etc."
The following article provides additional information on this confidence trick:
Watch out for 'Microsoft Tech Support' scams -
According to the following article, a frightening 22% of people contacted have fallen for this scam.
Microsoft rings alarm bell on fake Windows support calls -
Other confidence tricksters telephone you and ask you to set your computer up so that they have remote access to it. They tell you how to do that and then, if you do as they say, install phoney antivirus software and run it from a remote location. The scan says that all kinds of infections exist on the computer. They then ask for payment to remove them. That is why you must never allow anyone to access your computer in any way unless you know exactly who is involved.
The PC Security section of this website provides comprehensive information about how to stay as secure as possible on the web. Note well that your privacy and therefore your security both on the web and in the real world are being put most at risk by information that you allow Google and the social networks, such as Facebook, to compile about you and your friends and associates. Most of the latest releases of the major web browsers provide tracking protection, but none of them are as good as some free third party tools, such as Do Not Track Plus (DNT+) from http://abine.com/dntdetail.php. Fred Langa, the renowned PC guru, uses and recommends it. The ad companies, such as Google and the social networks, such as Facebook and G+, track a user's every move on the web. They know who the users are, the websites a particular user visits and the times and frequencies of the visits. DNT+ has to be installed on every web browser that you use - Internet Explorer, Firefox, Safari, Chrome, etc. To do that use the browser that you want it installed on to download and install. For Internet Explorer, it would not install for me, saying that I had to close IE completely, which was the case, so I downloaded the file using IE, logged off and then installed it using the file. DNT+ blocks the tracking so you can browse in private. Only your Internet Service Provider knows what your browsing habits are, because, like your phone company, it has to keep track of your online activity, but it is not allowed to give anyone else that information unless compelled to do so by a court order. Google, Facebook, etc., track you to make use of the web-browsing and other information that they collect.
Here are some very useful web-browsing tips:
With Google's new privacy policies having come into force from March 1 this year to coincide with the company's merging of all of its services and products under the governance of a single set of terms and conditions and the merging of the information it holds in them derived from their users, it has never been more urgent to protect your privacy from being invaded. With Google's new privacy policies having come into force from March 1 this year to coincide with the company's merging of all of its services and products under the governance of a single set of terms and conditions and the merging of the information it holds in them derived from their users, it has never been more urgent to protect your privacy from being invaded. Web browsers are dealt with here, but don't forget that a smartphone, especially one running the Google Android operating system that requires logging on to a Google account in order to make use of the services and apps provided by Google, logs everything you do on that phone. Here is what it says in Google's own privacy policies:
"When you use our services or view content provided by Google, we may automatically collect and store certain information in server logs. This may include: details of how you used our service, such as your search queries. - Telephony log information like your phone number, calling-party number, forwarding numbers, time and date of calls, duration of calls, SMS routing information and types of calls. - Internet protocol address. - Device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL. - Cookies that may uniquely identify your browser or your Google Account."
If you use Add or Remove Programs (Windows XP) or Programs & Features (Vista & Windows 7) to uninstall any Google programs (toolbar, Chrome, etc.), the Windows Registry will still have hundreds of entries in it that can be searched for and deleted to make it less bloated, using the Registry Editor by entering regedit in the Start = Run box (XP) and the Start => Search... box (Vista, Win7) and using Edit => Find to search for google. Pressing the F3 key finds the next entry. Note you should always create a restore point in System Restore before editing the Registry so that it can be restored in Safe Mode (accessed by repeatedly pressing the F8 key before Windows starts to load at startup) should Windows fail to boot due to the editing. An easier way would be to use a free, more advanced Registry editor, such as RegScanner [website]. I would only delete keys that contain the search term (e.g., google) in them.
Can Google be trusted? -
Read these eye-opening articles:
What If Someone Could See Everything You've Ever Googled? -
Google and Facebook accused of bypassing iPhone's privacy settings to spy on owners to build advertising profiles -
If you don't want Google to compile a specific user database profile on you that can be used to target customised adverts at you on the web and who knows what else, you have to know how to block it from doing so and prevent it from tracking you on the web. Here is a good article on how to go about doing that:
Hide From Google - http://howto.wired.com/wiki/Hide_From_Google
If you want to use a good search engine that doesn't ply you with ads on top and to the right of and, in Google's case, within the the search results (Google shopping results) try using DuckDuckGo. Its settings link appears in the bottom right corner of the browser. Set it for the type of browsing you are doing.
All of the main web browsers have options that enable private browsing, which are not widely advertised for the obvious reason that companies like Google don't want you to make use of them. How reliable they are is questionable, so I only use Microsoft's Internet Explorer 9 (IE9), which provides InPrivate Browsing and a separate setting called Tracking Protection, and the Apple Safari browser, which has a Private Browsing setting, enabled by clicking on the gear icon in the top right-hand corner. Note that in IE, an InPrivate sign must appear in the left-hand corner of the address box if private browsing is active. In Safari, a sign saying PRIVATE must appear in the right-hand corner of the address box. IE10 will come out with Windows 8 later this year and it should be even more secure. When Microsoft provides a setting it usually works. In any case, all of the major browsers apart from IE are affiliated to Google, so I avoid using them. Here are links to the information on how to enable private browsing in IE8 & IE9, Firefox and Google Chrome browsers:
IE9 InPrivate Browsing - IE9 cannot be used in Windows XP, which is limited to IE8, only in Windows Vista and Windows 7. When you enable InPrivate Browsing, a new window is opened displaying the InPrivate sign at the beginning of the address bar. You have to browse from within that window. Close the window you used to enable it, which is not kept private. When the InPrivate window is closed private browsing is closed, so you have to enable it every time you want to use it. -
Internet Explorer 9 - Tracking protection -
IE8 InPrivate Browsing -
Firefox Private Browsing - http://support.mozilla.org/en-US/kb/...
Google Chrome - Incognito mode [But can it be trusted? Read on...] -
... But can you trust Incognito mode given that Google has been caught using an illegitimate software trick to bypass Apple's iPhone and Internet Explorer's default security settings in order to have their users' information sent to it? Google is also advertising its Chrome browser extensively across its AdSense web advertising system and website owners cannot block Google ads as they can other ads up to a limit of only 50 advertisers out of many thousands. Moreover, apparently Google is able to uniquely identify each installation of Chrome. Need I say more? If you value your privacy, best not to have installed Chrome at all, because, like any other spyware, it could be compromising your privacy without even being visibly in use. If it is installed, it is advisable to uninstall it, which can be done via Start => All Programs => Google Chrome => Uninstall Google Chrome or via the Control Panel - Add or Remove Programs for Windows XP and Programs & Features for Vista and Windows 7. It is important to select the "Also delete browser data" checkbox, because it removes your user profile information, which include browser preferences, bookmarks and web-browsing history. Google Chrome is very difficult to uninstall completely because not only is the web browser installed, many browser "add-ons" are also installed, which will remain in place after the browser itself is uninstalled, so remove any programs listed in Add or Remove Programs (XP) or Programs & Features (Vista/Win7) that you don't use. If you have uninstall software, use that instead, because it is usually very good at removing every trace of an installation.
January 26, 2011. - Starting from March 1, 2012, Google intends to link all of the data it collects from users across all of its services, including its search site, Gmail, the G+ Facebook-type social network, YouTube, which Google owns, the Google Toolbar that can be installed in web browsers, smartphones that use Google's Android operating system, etc. It is also merging data from its G+ network with its web-search results. The ruling idea, which Google has probably intended for many years, is to gather as much information as it can on web users by providing free services and products that can gather data on the people who use them in order to be able to deliver them with customised, targeted adverts.
For example, if you were to use your Gmail account to tell a friend that you intended to go to Barbados or Cape Town for your summer holiday, you could receive holiday and travel ads on those destinations when using Gmail or viewing a YouTube video. Google's web search engine could do likewise and even websites you visit that run Google ads could target you with targeted holiday and travel ads. Moreover, Google is currently selling a laptop called a Chromebook that uses Google's Chrome web browser. It can only be used to browse the web, so, this too is no doubt just a user-data-gathering piece of hardware. Google is also advertising its Chrome web browser using its AdSense ad-delivery system. Why you might ask? Obviously as an excellent way to keep people using its search engine (other search engines are made available, but it is the one set by default) and to track their browsing habits.
The following page provides information on how Google tracks web users by a search engine that does not. - http://donttrack.us/
To accompany the change, Google will issue revised privacy policies that users will have to agree to before they use any of the services. There is no opt out. You have to agree to the new privacy policies or stop using the services that you are signed up with, such as Gmail and YouTube. Note well that you can export your Gmail contacts to another email service. Search for the google.com page called "Exporting Gmail contacts".
As might have been expected, this news, which most people who are familiar with Google have been expecting to happen for some time, has caused a breach-of-privacy stink in the media. Here is one of the stories. The readers' comments are well worth reading:
And here are two other interesting web-privacy-related articles:
Don't like something about yourself online? You'll soon be able to delete it thanks to sweeping new EU privacy laws -
The Adobe Flash Player is used to play video supplied from most sites, including the BBC's iPlayer and YouTube. The settings' applet for the Adobe Flash Player is called Flash Player and is in the Windows Control Panel for all versions of Windows from Windows XP on. You can block the player from using its privacy-invasive features from there. I block all of them, including Block all sites from using peer-assisted networking, which allows other sites to use your internet connection's bandwidth to provide video content to other viewers of the same content. The player is updated frequently and you should be aware of the fact that any customised privacy settings can be restored to the non-private settings. I have just allowed and update to take place and all of the settings that allow access to my computer were activated, whereas prior to the update they were all disabled. Sites that use the Flash Player might also be able to change the settings, so you should check them regularly if you want them to remain disabled.
For this reason, since I don't use the webcam built into my laptop, I have placed some black insulation tape over the camera in its lid. This looks like a sneaky way of allowing cookies, information about the computer to be made available, camera access, etc., when the user is under the impression that such breaches of privacy have been blocked. Flash cookies can store much more information taken from your computer than standard cookies and they can be accessed by websites other than the ones that placed them on your computer. (The next item provides information on Flash cookies.) I enable the setting that requires the program to notify me when an update is available. I also block peer-assisted networking, which allows the player to make use of your broadband bandwidth to ease its congestion. In other words, if it is enabled, the player can use your broadband connection to send the same video to other computers playing it and the players on other computers can lend you some of their users' connections' bandwidth to make the video play better. If you suffer from poor video playing or buffering try enabling this setting; otherwise it is best to leave it disabled. I would not trust anything that allows your computer to be used by any web software.
Flash cookies are accessible files created by the Adobe Flash Player (that most computers use) on websites you visit that are stored on your computer. Unlike standard cookies that are under the control of your browser (Internet Explorer, Firefox, etc.), they can contain up to 100KB of data compared to the 4KB of a standard cookie and are out of the control of the browser, so they can track your web browsing and compromise your computer's security unless you use measures to get rid of them. The following article tells you about these cookies and how to get rid of them.
Eliminate Flash-spawned 'zombie' cookies -
January 10, 2012. - Windows Defender was the name used by Microsoft's anti-malware scanner before it became the free Security Essentials. Microsoft has now reused the name for its boot-disc/drive scanner called Windows Defender Offline, which scans the system from a boot disc or boot flash drive, providing a deep scan that runs before Windows loads, which can detect rootkits and other infections that are usually invisible to standard malware scans run from within Windows.
To find out how to create the disc/boot drive, visit this webpage:
What is Windows Defender Offline Beta? -
The instructions are all provided, including how to determine if your computer is using a 32-bit or 64-bit version of Windows, which you need to know in order to download the correct version of the tool. If you choose to burn the tool to a CD/DVD, one of three options, it is done for you. All you have to do is insert the recordable disc.
Validation is required, which means that the boot disc/drive can only be used on the computer on which it was created. I tried it using 32-bit Windows XP Professional and the system required an update, which was named, required a system reboot but was easy to install. For a netbook computer without a CD/DVD drive, you'll have to use an external USB drive or a USB flash drive.
To boot from a disc or USB flash drive, the boot device being used has to be set as the first boot device in the PC's BIOS Setup program.
If you receive a suspicious email that contains a link or links to a suspicious website, such as one that is a fake bank website, you can report it to security authorities via your web browser. I click the link in, say, an email that appears to come from the HSBC bank, but which leads to a fake phishing website looking like the real one that steals your login details if they are entered, saying something like: "Dear customer, your bank account has been suspended. Please click the following link to reinstate it."
To report a fake website or one that delivers malware in Internet Explorer, with the website the current one opened, click on the Tools menu item, followed by SmartScreen Filter. That option provides you with Report an unsafe website, which you just have to click on. Microsoft's website that allows you to report the suspicious website then provides a page that allows you to do the reporting. Each make of browser provides its own route to doing this. In the Firefox browser, it is under Help => Report Web Forgery.
Always bear this in mind with regard to PC security. Security-research company Trend Micro that provides the free online malware scan HouseCall has reported that of the top 100 computer infections in the U.S. in 2008, a huge 63% were caused by downloading and running programs. E-mail infections accounted for only 3% and the exploitation of security flaws in software products was responsible for a negligible 1.7% of the PC systems that were compromised. Free games, utilities, toolbars and almost any other software can entice a user into downloading malware from a malicious website. Pirated software and pornography offered on the web are particularly dangerous in this regard. The hackers know that many people look for pornographic sites using certain keywords, so they fill their malicious sites with those keywords. The dangerous downloads are usually disguised as pornographic videos, or the website might ask the visitor to install software in order to view pornographic videos.
You should therefore only download software from reputable sources, such as well-known downloads sites (Filehippo.com, Download.com, Softpedia.com, MajorGeeks.com), or the websites of reputable software developers and hardware manufacturers (Microsoft, Adobe, Google, Intel, HP, and Dell), or open-source (free) software provided from Sourceforge.net, Mozilla.org, Ubuntu Linux, OpenOffice.org, etc.
You should use strong (secure) passwords for websites such a online stores and banks and never use the same one for every website, because hackers know that many people use common passwords well-known to hackers, or use the same password and user name, so they use websites to gather user names and passwords and then try using them on retail and banking sites, eBay, etc. More information on passwords is provided further down in this article.
Almost 16 million [people] use same password for every website, study finds -
"People are in danger of falling victim to internet fraud because we use the same password for almost every website, a new study has found." -
You should also not use keywords such as free spyware programs, etc., in search engines or adverts on reputable websites to find security software, because the major search engines and the advertisers such as Google and Yahoo! allow malware products to be listed in search results and/or advertised. You should only obtain security software directly from websites that have received good reviews for their products from other reputable websites. For example, all of the links provided on the pages of this website are valid products. For more information, read this story on this subject:
Sponsored search results lead to malware -
"The ads served by Bing and Google along with your search results are linking more and more often to sites trying to infect your machine." -
Downloads called "torrents" from websites that provide them can be particularly dangerous. The downloads use a web protocol called BitTorrent, hence the name torrents. If you only use torrents to download legitimate software, the torrent file should be made available from the program's own website - for example, the torrents page for Slackware Linux.
GData reports massive increase in malicious torrents -
"The number of infected torrents tripled over the course of last week, according to German security software firm GData. G Data Security Labs' analysis reports that a lot of malware is circulating in software warez (cracked versions of commercial software), maps for navigation devices, ringer tones, videos, and music recordings." -
BitTorrent (protocol) - http://en.wikipedia.org/wiki/BitTorrent_(protocol)
Another great danger are phishing websites, which are copies of real websites, such as PayPal.com, that are linked to from within emails. The domain name is not PayPal, but another name. The link's text shows http://www.paypal.com, but it is linked to another domain, which is usually temporary; it will be abandoned as soon as the security software exposes it for what it is. If you place the mouse pointer over a link to a phishing website, you will see its real domain name in the bottom left corner of web browsers such as Internet Explorer and Firefox. A message in phishing emails tries to entice the reader of the email into visiting the website by saying, for instance, that their PayPal account has been illegally accessed and that they should log on to it immediately by clicking the link that brings up the phishing website, not PayPal's website. Every bank or financial organisation capable of transferring money has phishing emails sent out in its name.
Your name is never provided because it is a general message sent to many thousands of email addresses. It will only be addressed to you if the sender knows your name. That is why you should not use your name in an email address that you are going to use on websites. For example, use an email address like [email protected] instead of [email protected]
A simple rule of thumb is this: no reputable bank or financial service will ever ask you to provide login details to your account via an email. If you receive such an email informing you of a problem with your account or proposing to offer some kind of prize incentive or similar, just remember the old saying, "If it looks to good to be true then it no doubt is."
If you want to install software from a developer that you don't recognise, you can perform a web search on it and the developer in order to find out if it is from a reputable source. You should be able to gauge from the links provided with regard to a particular software developer or website if it is reputable.
The Internet Explorer web browser and most of the other web browsers have a feature that can check a website. In Internet Explorer, look under its Tools menu for SmartScreen Filter => Check This Website. You also have an option there to report a suspect website.
You will not be able to find articles, computer-forum threads and reviews of software created by criminals unless they are providing warnings about it. You should never use a free 'cracked' copy of a piece of software that doesn't require product activation, etc., because it is likely to be doctored software.
Note well that dangerous malware that infects PCs by disguising itself as a legitimate antivirus program is being used by criminals to gain access to computers. It goes by several different names, such as AntiVirus XP 2008, Antivirus XP 2010 and Antivirus 2011, and succeeds by looking like a legitimate Windows program. The programs are delivered through spam messages that link to an automatic download of a malware installer, or can even be delivered by clicking on the adverts of valid websites that have been compromised by hackers - or even just visiting a website. For example, the criminals (parasites) can register a website that has an address that is a misspelling of a popular website, infect it with code that loads malware onto your computer if you tried to reach the popular website but misspelled the name and used the name of their infected website.
Here is an example of what happens:
Thousands of home computers infiltrated after hackers infect high-profile websites with booby-trapped ads - "The London Stock Exchange, Autotrader and Vue [websites] were among those affected" - http://www.dailymail.co.uk/sciencetech/article-1362205/...
Here are images of the kind of fake virus-infection alert messages that come up:
Under no circumstances should you ever click anything on a security alert message that comes from outside the Windows Notification Area. The message in the second image is not literate, suggesting that it was written by someone with a poor command of English. Don't click an OK or a Cancel button. By clicking on the Click here to switch to Full Mode button shown in the top image and the OK button in the bottom image, you are giving permission to install the malware or run a phoney virus scan. In Windows XP Home Edition, malware will install immediately, but in Windows XP Professional Windows Vista and Windows 7, User Access Control (UAC), which is enabled by default, will bring up a genuine window that requires the user to grant Windows permission to install the malware software. Which is why you should never disable UAC.
If you allow the malware to install, you should download, install and run a suitable removal tool such as Malwarebytes Anti-Malware. The free version cannot monitor the system in real time but allows itself to be updated and run by the user. If the malware prevents Windows from booting, try booting using the Safe Mode with Networking boot option, which is one of several boot options made available when you press the F8 key repeatedly just before Windows starts to load. It allows the web access you need to download the tool if you don't have it installed or update it if it is installed. The malware won't be able to operate in Safe Mode, so it can be removed by running a suitable tool.
Any security message should only ever come from the Windows Notification Area, usually in the bottom right corner of the screen, so never click on any OK or even a Cancel button in a security message that appears outside of it, just press the Ctrl + Alt + Del key combination immediately to bring up the Windows Task Manager (in Windows XP) or which allows you to choose to run it (in Windows Vista and Windows 7) and use it to shut the browser down if a webpage you visit regularly (or even for the first time) suddenly produces a security message (outside the Notification Area) that a named or unnamed virus scanner has detected a serious virus infection, or a message comes up such as this one: Warning!!! Your system requires immediate antiviruses scan! Desktop Security can perform fast and free virus and malicious software scan of your computer.
By just visiting a genuine website my PC/computer got infected with the infamous Security Shield malware that warned me I had 20 or more viruses is a Q&A on this website that describes how one of these 'scareware' problems can dealt with.
I misspelled a website once that opened a Russian website that brought up a webpage that seemed to be doing a very rapid security scan of my computer, using graphics that made it look like a genuine view of My Computer in Windows XP, showing the drives and a scan of them taking place and reporting a massive infection of viruses and malware. Of course, it was just a phoney webpage set up to show a phoney infection. I didn't click on any of the prompts it produced. Instead, I pressed the Ctrl + Alt + Del key combination to bring up the Windows Task Manager and shut down the page under the Applications tab. There was no need to run an antivirus scan because there was no real infection, but, just in case, I ran several scans and none of them showed any infection. I then ran CCleaner, which cleans all Internet files, but discovered that the phoney webpage reappeared in any web browser that I ran and ran its phoney scan immediately. I shut the browser down as before, rebooted the system and then pressed the F8 key repeatedly before Windows started to load to bring up the boot menu. I chose the Safe Mode with networking option that provides web access in Safe Mode. When I opened Internet Explorer, it opened my usual Home Page and the phoney webpage didn't come up automatically. In any case, I was going to run CCleaner from Safe Mode, but couldn't find it under Start => All Programs, which was very peculiar because it could be run in normal Windows mode and was installed when I used Windows Explorer (right-click Start button => Explore) to find its folder under Program Files. So, to open it, I double-clicked on its executable file - ccleaner.exe. I ran the program and then restarted. The phoney webpage didn't open by itself.
The spam containing attachments usually entices the user into opening them by saying that they contain naked images of celebrities. It is also possible just to visit an infected website for your system to pick up a Trojan virus. Read this article:
Trojan virus steals bank info - http://news.bbc.co.uk/1/hi/technology/7701227.stm
Therefore, you should never consider installing any security software unless it is reviewed on a reputable site such as http://internet-security-suite-review.toptenreviews.com/.
By browsing websites that provide articles and images of celebrities, I have encountered websites that suddenly seem to be running a virus scan of the computer that can only be stopped by closing the web browser. A scan is not running, just a video on the page. A window can then presents itself that looks just like the My Computer window used by Windows XP that shows the hard-disk and DVD drives used by the computer and it changes to show that your whole system is infected by many viruses, but that too is just a webpage running a video. There is no real virus infection. You are asked to download and install a virus scanner that you have to pay for with a credit card. Needless to say, you should just ignore this and close the browser. If it won't close, turn the computer itself off. Restart and run a virus scan with your real scanner, such as the free Microsoft Security Essentials, which scans for all kinds of malware (viruses and spyware, etc.).
You used to have to get virus and spyware scanners and a software firewall (free or paid-for) for adequate protection. However, the major Internet security companies have changed the way in which their software works. They are addressing all of the different kinds of threats from the web at the same time. Instead of using separate programs, Internet security suites combine all of their scanners into one application, which is more efficient than having three or more separate scanners scanning the system.
Most Internet users now use a wireless router that provides the capacity for wireless and wired network connections to two or more computers, forming a home network that enables them to share a broadband connection. Routers provide a hardware firewall that provides better security against unwanted intrusions from the web than a software firewall (Windows Firewall, ZoneAlarm, AVG, Comodo) provides. A hardware firewall can be used in conjunction with a software firewall, but only one software firewall should be used to monitor a computer system, so don't disable your software firewall. If you do Windows will advise to to enable it.
If you access the web using a router, you should make sure that its hardware firewall is enabled by bringing up the router's configuration page on a web browser (Internet Explorer, Firefox, Safari, etc.) The configuration page provides the router's settings which can be enabled, disabled or customised. Other settings, such as remote assistance, are provided. You should make sure that a setting like remote assistance is disabled, because it can be used to access your network from a remote location. Windows also has settings for remote access and remote assistance, which you should disable. You should only allow remote access or assistance to people who you have proven are 100% trustworthy. Click here! to go to the information on routers on this website, which includes information on how to access a router's configuration page.
There is no need to pay for malware protection, because there are several free scanners. Here is a review of the best of them:
Free anti-virus applications compared -
"Expert Reviews is the only site to use live viruses in its attack tests, making our results the most accurate you can find. Please read our full test methodology to find out exactly how we test." - http://www.expertreviews.co.uk/internet-security/274933/...
Note that some of the scanners reviewed, such as Microsoft Security Essentials and AVG Anti-Virus Free, provide protection against all types of malware.
Commercial Anti-virus applications compared -
MaximumPC.com (US) -
However, note well that when polled by newsletters and PC websites, the majority of computer users always say that they prefer using individual anti-virus, anti-spyware, firewall, and other security tools, which they say are preferable to all-in-one security suites, such as Symantec's Norton Internet Security. This is no doubt because they know from experience that the individual-tool approach is less problematic. Moreover, if you were to ask highly experienced PC repair technicians, they will almost certainly all say that standalone products outperform security suites.
In my opinion, the reason that relatively poor security suites, such as Norton Internet Security and McAfee Internet Security Suite, are regularly reviewed as being the best security products has more to do with commerce than with real-world experiences of users. PC publications and websites will almost all run the adverts of the major security companies and it is therefore in their interests to promote not criticise them. For example, only the Windows Secrets newsletter ran articles exposing how unreliable the McAfee SiteAdvisor website-rating service can be. None of the major PC magazines and websites did likewise when I asked them to do their own take on the Windows Secrets' exposé. I put that down to their not wanting to damage their advertising relationship with McAfee, which is major computer-security company.
I personally would not use the Norton (Symantec) and McAfee products regardless of the good reviews because of bad experiences I have had with them. I find that using the free versions of the ZoneAlarm Firewall or Comodo Firewall, the free Microsoft Security Essentials malware scanner or the free AVG antivirus/antispyware scanner and the Web of Trust browser plugin provide very adequate protection. I have yet to fall foul of any security threat. Web of Trust (WOT) warns you before you interact with a risky website, both from within the browser (Internet Explorer, Firefox, etc.) and from within search-engine results by placing green or yellow or red marks beside each link to indicate its security rating.
The Comodo Firewall tends to be overly intrusive, so you might prefer the less intrusive (fewer alerts) and more user-friendly ZoneAlarm Free Firewall. An inexpensive superior paid-for version is also available as well as other paid-for security software, but the free version provides a home-computer-user with adequate protection, especially if a router, which almost always provides a hardware firewall by default, is used to access the web. A module called Anti-phishing is installed by default, which is very good at identifying phishing websites that attempt to trick users into providing criminals with login details and passwords to banking websites, etc. If you chose to install its search bar during installation, it provides several features, including a Site Check button. Click on it and it provides information on the website being viewed. Site Check also identifies and provides protection against 'attack websites', which are know to infect the computers of users with viruses/malware/spyware who visit them via search engines or are tricked into visiting them via emails, etc. The free Comodo Firewall, even when set at its lowest alert level, provides many alerts that many users won't know whether to block or allow through. The ZoneAlarm Firewall provides far fewer alerts and those that it does provide are easy to understand and relate to what the user is doing when an alert presents itself.
I also use the free version of Malwarebytes' Anti-Malware. Apparently most of the calls to Microsoft's support lines involve spyware infections and Microsoft recommends using the free version of this program. It allows manual scans for spyware, which means that you have to run the program; it does not monitor the system in real time. You pay just $24.90 for the full version, which provides real-time protection against malware, scheduled scanning and scheduled updating. Just remember that you should not have two programs of the same type monitoring the system. Only one software firewall, etc. The free version of AVG Anti-Virus combines virus scanning and adware/spyware scanning in real time, so if you use AVG Anti-Virus and you install another scanner that scans for viruses and/or spyware, you should disable AVG's real-time monitoring and only use it for manual scans. Scanners that monitor your system in real time will install an icon in the System Tray/Notification Area in the bottom left corner of the screen in Windows computers.
Download the free version from malwarebytes.org.
The free CCleaner is a utility that every computer should have installed. If you appreciate it, you can make a donation to its developer. It has a Windows Registry cleaner as well as a system cleaner. The following page on its developer's website provides the information on how best to use the utility.
CCleaner Documentation -
"CCleaner is the number-one tool for cleaning your Windows PC. Use this small, fast software utility to delete unneeded temporary files and logs, clean out your Registry, and protect your browsing privacy." - http://docs.piriform.com/ccleaner
September 30, 2009. - Microsoft has provided a free malware scanner called Security Essentials that scans for viruses, spyware and other malware that you can use in real time or as an additional scanner. Real-time scanning is enabled by default, but you can turn it off, which you should do if you keep another malware scanner operating in real time.
Microsoft Security Essentials - http://www.microsoft.com/security_essentials/
Note that version 2 of Security Essentials was made available in January 2011. The link above downloads that version. You can use the Run or the Download options. I always download a program and install it by double-clicking on the downloaded file, because sometimes the Run option screws up the installation. When the download is installed, you have to click an Upgrade button during the installation, but other than that there is no indication in the program itself that version 2 has been installed. You have to click Help => About Security Essentials where the version - 2.0.657.0 - is provided.
The 120-day Microsoft security suite [Security Essentials] test drive -
"... four months ago, I decided to look into a new option: the recently released Microsoft Security Essentials (MSE) — the company's first antivirus and anti-malware application. (MSE is available as a free download from the product's info page.) So far, my real-life test drive indicates that Microsoft may have finally got basic security right." -
Rootkit Trojan viruses hide below the level at which the operating system functions , so aren't usually detected by a standard virus scanner. Windows XP is 10 years old, still has 58% of computers running it (July 2011) has weaker security than Windows Vista or Windows 7 and it has had much longer to become infected with rootkits so it isn't surprising that systems running it are mostly responsible for spreading rootkit infections to other computers. Rootkits can be detected and removed by special rootkit scanners. A good free program is Saphos Anti-Rootkit from http://www.sophos.com/.
Note well that if you are visiting a website that produces a message saying that malware has been detected on your PC, offering a free security scan if you click a button to give the OK, don't click the button, press the Ctrl + Alt + Del key combination that brings up the Windows Task Manager and close that website down under its Applications tab.
It can be very difficult to remove such malware once it has compromised a system, because it can shut down antivirus programs and forbid the user from accessing websites that provide online virus scanning, such as the free scanner provided from kaspersky.com.
When they have infected a system some of these phoney antivirus programs can produce messages asking you to buy them and then scan the system. Of course, they can't scan for anything because they are malware themselves. Some of them ask for you to enter your credit card number in order to make a purchase of the scanning software. If that happens you should first try using the antivirus software that you should be running in real time monitoring your computer to remove it by running a system scan. Note that you should be using an antivirus program that is updated regularly online. The free version of AVG Anti-Virus updates itself daily.
If you visit a website that requires downloading and installing a video player or picture viewer in order to view videos/pictures, switch the PC off and reboot or press the Ctrl + Alt + Del key combination that brings up the Windows Task Manager and close that website down under its Applications tab, because the download is almost certainly malware that can compromise the security of your system in order to make you buy phoney software, steal passwords, etc. Users who are searching for porn using popular keywords at some time or other are sure to click on links to sites that require the user to install a program in order to view the porn. If they download and install that software, their systems will be compromised any number of ways from installing keyloggers that return the keystrokes made by the user to the hackers to allowing full remote access to the system.
Note that if you can't get rid of a malware infection, it is advisable to start the system up in Safe Mode by constantly pressing the F8 key just before Windows shows its first graphics screen and starts to install itself at startup. Pressing that key brings up the boot manager that has Safe Mode as one of the options. You can run virus and spyware scanners in that mode more effectively, because a very basic version of Windows is running and the malware won't have installed itself, but its files will still be detectable.
You can also try using System Restore to backdate the system files to a date prior to the infection. It is found under Start => All programs => Accessories => System Tools in Windows XP and Windows Vista. In Windows 7, just enter the words system restore in the Start => Search programs and files box to be presented with a clickable link that opens it. Visit the Windows 7 section of this website for more detailed information on System Restore in Windows 7. However, note well that malware can often disable System Restore, or the changes that the malware makes to the system can prevent it from working.
If that is the case, there are ways to restoring the system manually, but they are so involved, involving editing the Registry, etc., that it is easier to perform a repair install of Windows, which retains your folders, files and settings.
Click here! to go to information on this website on how to perform a repair install with Windows XP.
Click here! to go to information on this website on how to perform a repair install with Windows Vista.
Click here! to go to information on this website on how to perform a repair install with Windows 7.
Note that you must have a Windows XP/Windows Vista/Windows 7 installation CD/DVD in order to do that, and you will have to add any missing service packs and security updates if you haven't created a customised CD that contains the contents of the installation CD that you have plus the missing service packs. Windows XP has reached Service Pack 3 - its last service pack. If you install SP3 to the original release of Windows XP, you have to have at least SP1 installed. If you have the original version of Windows XP with no service packs installed, SP2 incorporates SP1, so you only need to install SP2 to get it. I am telling you this because some elderly computers have a small hard disk drive that won't accommodate SP3 due to a lack of hard-disk space. Any computer with a large enough hard drive that uses the original release of Windows XP should be able to update to SP3. Windows Vista currently has Service Pack 1 (SP1) and Service Pack 2 (SP2). Windows 7, released on 22 October 2009, had only Service Pack 1 (SP1) by October 2012
Read the following Q&A on this site on how to slipsteam Windows XP and Windows Vista with service packs: How to slipstream Windows XP and Windows Vista and create a customised boot CD.
Note that you should consider using the OpenDNS service from http://www.opendns.com/ as your computer or network's DNS server, which translates web addresses into the IP addresses. For example, 18.104.22.168 is the IP address of this website. Entering http://22.214.171.124 into a browser brings up http://www.pcbuyerbeware.co.uk/. It is the DNS server that does the translation.
After your computer or network has been set up to use OpenDNS, it can prevent it from accessing many bad websites, and, among many other options, it can be configured to prevent children from gaining access to adult websites. Here is how to get the best out of this free service:
Use OpenDNS to surf safely with these tricks -
Alternatively, if you install the latest version of the Comodo Firewall and/or Comodo AntiVirus, the installation process allows you to set your computer up to use secure DNS servers of the developers of Comodo security software. You can download the 76MB file that allows you to: "Install the AntiVirus as a standalone. Install the Firewall as a standalone. Install both Firewall and AntiVirus." You should read which options can be installed as the setup process runs, because there are some provided by third parties that you might not want. Note that you should uninstall any existing anti-virus software if you install Comodo AntiVirus, because you should not have more than one type of security software monitoring the system in real time at the same time - only one firewall, one anti-virus scanner, etc., including the Windows Firewall that is set as the default firewall unless a third-party firewall is installed. Most third-party firewalls disable the Windows Firewall (part of Windows XP, Windows Vista and Windows 7) when they are installed.
Note that the version of the Windows Firewall in Windows XP does not provide outbound protection (prevention of malware accessing the web from within your computer), and outbound protection has to be configured in the version in Windows Vista and Windows 7. In any case, Microsoft is a novice when it comes to firewall development, so, unless you are inclined to getting involved in configurations, it is advisable to use a third-party firewall, such as Comodo or ZoneAlarm, instead of the Windows Firewall. That said, the Windows Firewall in Windows 7 is much improved.
The Windows Firewall does not automatically block or provide alerts about software, which could be malware, trying to access the web from within your computer. The following pages show how to customise the Windows Firewall or use a middleman program - Windows Firewall Control - that provides the alerts. If you allow a program to access the web, Windows Firewall Control remembers your decision, so that you don't keep having to grant permission. Free versions of Windows Firewall Control are available for Windows XP, Vista and Windows 7. Pro paid-for versions with additional capabilities, priced between U.S. $15-$30, are also available. However, the free versions ask for registration periodically.
Windows 7 Firewall Control - http://www.sphinx-soft.com/
Windows 7 Firewall Outbound Protection -
Note that you must have the 64-bit version of Windows 7 installed to use a 64-bit version of software. Links are provided in the review that provide both the the 32-bit and 64-bit versions. Most (but not all) 32-bit software will run on the 64-bit versions of Windows Vista and Windows 7.
How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system - http://support.microsoft.com/kb/827218
What's new in the Windows 7 Firewall? -
"Taking a look at the Windows Firewall in Windows 7, showing you how to configure it with multiple active firewall policies." -
Windows Vista's half-cocked firewall -
"In an e-mail, Rowan Trollope, Vice President of Consumer Engineering at Symantec, offered this interpretation: "We have discovered that though Vista's outbound firewall is 'on' by default, all outbound connects that do not match a rule are allowed. In the default configuration, there are no outbound 'block' rules, only allow rules. In other words, even though [the Windows Firewall outbound protection is] on, it is not doing anything." -
How to Enable Windows 7 Firewall Outbound Protection -
"Before I continue explaining how to enable Windows 7 firewall outbound protection I will have to tell you that this firewall is a bit stubborn not like other third-party firewalls. This means when outbound protection is enabled firewall is going to by default block any installed program from connecting to the internet including Internet Explorer which means you will have to manually create rules to specifically allow individual programs to access internet. A bit unusual and time-consuming though." -
Download Comodo Firewall -
Other free products from Comodo, such as Business Firewall & Antivirus, System Cleaner and BackUp - http://www.comodo.com/products/free-products.php
ZoneAlarm Free Firewall [Less intrusive than the Comodo Firewall. Other paid-for security products are also available] -
Some malware can cripple spyware and anti-virus scanners. If this happens to you and you can still go online, there are many free online scanners, ten of the best of which are listed on this page:
Here is a link to brief video introduction on phishing, which is an online method used to trick people into sending their logon user names and passwords to online stores, banking sites and payment sites such as Paypal.
Gone Phishing - http://news.bbc.co.uk/1/hi/business/7715787.stm
Visit The tricks used by phishing sites, hackers, and web tricksters on Page 2 of this article for more detailed information on this subject.
This article provides insight into the world of the computer hacker:
Gaining access to a hacker's world -
"For a short time in February, I had complete control over 21,696 personal computers around the world. These were machines whose owners had not taken the basic security precautions necessary to stay safe online." -
If you have valuable data on your computer(s) or network of computers, you should consider using encryption to protect it. The following article provides a good introduction to what is involved in system encryption.
System Encryption: BitLocker And TrueCrypt Compared -
"Now that Intel offers hardware-based AES acceleration in a number of its mainstream processors, it's time to take a look at two of the most popular system encryption tools, BitLocker and TruCrypt, both of which are able to harness the hardware feature." -
An external hard disk drive is an external device that may contain data that you would like to protect. There are two main ways of protecting the data on one - by making use of encryption software that can also provide password protection, which can be free or paid for, and by making use of a password-protected screensaver that you can activate when you are not at the computer. Some external hard disk drives come with encryption software that also provides password protection. Note that the free encryption software tends to be difficult to use while the paid-for software is much easier to use but worth the price if you don't want to read through a user manual.
Encryption of a whole drive or just some of the data on it will only provide security when the external drive is not connected to the computer that encrypted that data. Anyone trying to connect the drive to another computer or to your own computer will not be able to access the data because it is both encrypted and password-protected. But when the drive is connected to its computer, anyone will be able to access the data, so the best way to protect it is to make use of a screensaver that provides password protection that can be activated when you are away from the computer or after a set period of the computer being inactive. If you don't know anything about screensavers, enter the word screensaver in the Search box of Help and Support in Windows XP, Windows Vista and Windows 7. Here is a thread from a computer forum that deals with this subject:
How to password-protect an external hard drive -
If you have read the numerous accounts of the loss of DVD data discs and USB flash drives (memory sticks) by government departments and laptops that have gone missing, you will have heard of a protective measure called encryption that was not used in most of the losses. If encryption had been used, the data would have been unrecoverable by thieves. Third-party software has been providing full hard-disk encryption for many years. Windows XP provides folder encryption - the Encrypting File System (EFS), which is not suitable for use on laptops - and Windows Vista provides full disc encryption called BitLocker Drive Encryption.
Here are the articles on Microsoft's site that provide the information on how to use it:
How to encrypt a folder in Windows XP -
BitLocker Drive Encryption in Windows Vista -
BitLocker Drive Encryption Step-by-Step Guide for Windows 7 -
Coming soon: Full-disk encryption for all computer drives: Drive makers settle on a single encryption standard -
Since identity theft is a tremendous growth industry, it is imperative that you should know how to protect yourself from having your identity stolen, because if someone steals your identity, the thief can sign up to Internet Service Providers (ISPs) in your name and get you into trouble with the law for online theft or for accessing illegal websites.
The following article is written by Frank Abagnake, one of the most notorious forgers and impersonators in history. The movie Catch Me If You Can, starring Leonardo Di Caprio as Abagnake, is based on his notorious life of crime as a teenager. He is now a world-renowned consultant on security matters.
14 tips to avoid identity theft -
The information on that page is aimed at US citizens, but provides some good advice to anyone. Apparently, in the US, if someone knows a person's social-security number, he or she can gain access to all of that person's account numbers. Note well that gaining access to that kind of personal information is not possible in the UK if someone knows a person's National Insurance number.
In 2002, Abagnale wrote a general, all-purpose book called The Art of the Steal. In the book, he lists and explains common confidence tricks and ways of preventing oneself from being defrauded. Identity theft and Internet scams are also covered. In 2004, he released a book called, Real U Identity Theft, in which he provides information on how to prevent identity theft in the first place. Both books are widely available.
Here is a useful quote from an interview with him: ..." you have to alert consumers today, you have to be a very smart consumer. The police can't protect you, the government can't protect you, your bank can't protect you, only you can protect yourself. So you have to ask yourself when you go on something like the Internet, what information am I putting out there, and how could someone use that information? The crime of the future will be identity theft, and we're already starting to see where people assume other people's identity because they're able to get bits and pieces of information about that individual, their bank account, their social security or health card number, and then assume that person's identity. And that's an awful crime, because in that crime, the criminal who's committing the crime is innocent until they're proven guilty, but the person who's the victim is guilty until they prove themselves innocent. So they're the ones that have to go out and convince the bank, the credit bureau, that they're not the person who made those charges or got that mortgage."
If you enter "frank abagnale" in a search engine, you will be presented with plenty of useful links to information on him and his books.
"Like most Windows software, Norton security products, published by the Symantec Corp., come with an uninstall option to remove the software from your computer. Unfortunately, neither Symantec's bundled uninstaller — nor a little-known, special utility from the company — removes every single thing...." -
Many of the security-software developers automatically renew subscriptions to their services, and it can often be very difficult to cancel a subscription. Read the story here:
Microsoft, McAfee, Symantec charge cards repeatedly -
The following tip had nothing to do with security, but this is a good page on which to put it. If you come across an advert on a reputable website that offers you an expensive piece of equipment, such as an LCD TV or laptop computer free of charge, don't rush into signing up for it! Read the terms and conditions of the offer, because you will probably get the item free, but you will also undoubtedly be committing yourself to making many purchases of goods in exchange for it, which will still make a handsome profit for the business that is making the offer.
You should know that Windows XP has a Security Center that is opened by clicking Start => All Programs => Accessories => System Tools => Security Center.
It informs you of the security status of the system's firewall and virus protection, and allows you to set options for the way in which Automatic Updates (in Windows XP) or Windows Update (in Windows Vista) operates. If you have insufficient firewall and/or virus protection, you will be informed by pop-up messages. Depending on the setting you have enabled, you can also be informed of what Automatic Updates requires of you. A badge-shaped icon appears in the bottom left System Tray (Notification Area). If you position the mouse pointer over the icon, you will be told what to do. For example, if you have chosen the setting that makes Automatic Updates let you know when updates are available, the message will tell you that updates are available and to click the icon to begin the download.
If you need to investigate a security issue, the following guides provide you with a good way to go about it.
Fundamental Computer Investigation Guide for Windows [XP and Vista] -
"This guide discusses processes and tools for use in internal computer investigations. It also presents an applied scenario example of an internal investigation that uses Windows Sysinternals tools (advanced utilities that can be used to examine Windows-based computers) as well as commonly available Windows commands and tools." -
Malware Removal Starter Kit: How to Combat Malware Using Windows PE - "This guidance provides a set of tasks that licensed Windows® users can perform at no cost to create the Malware Removal Starter Kit. Recommendations for free malware-scanning tools are included. You can use these tools in combination with the kit to conduct scans, detect problems, and remove malware from your computer. Requirements The following are operating system and feature requirements for preparing a Windows PE kit: Windows Vista® or Windows XP® with Service Pack 2 (SP2). DVD burner and software to write to a CD-ROM. 992 MB of free space on the computer's hard drive disk to download the Windows PE .img file. Note An additional 800 MB of space is required for the boot image on drive C of the computer when using the default script for the kit. Microsoft .NET Framework version 2.0 and MSXML to run Windows Installer." -
Microsoft is touting Windows Vista as the most secure operating system yet devised. True or not, the devil is always in the detail.
Top Security Features in Windows Vista -
The Security Center in Windows Vista is accessed via the Control Panel, which is accessed from the Start (button's) menu. Click on Security to open it.
Windows Security Center -
"Windows Security Center [in Windows Vista] helps make your PC more secure by alerting you when your security software is out of date or when your security settings should be strengthened. The Security Center displays your firewall settings and tells you whether your PC is set up to receive automatic software updates from Microsoft. Other improvements over the version of Windows Security Center that debuted in Microsoft Windows XP SP2 include showing the status of software designed to protect against antispyware, your Internet Explorer 7 security settings, and User Account Control. In addition, Windows Security Center can monitor security products from multiple companies and show you which are enabled and up to date." -
Windows Vista Security and Data Protection Improvements -
The Devil's Guide to Windows Vista Security -
Windows Vista Security Guide [technical guide for IT professionals] -
How To Create a Windows Vista Password Reset Disk -
"Creating a Windows Vista password reset disk can really come in handy if you forget your account password. With it, you can easily reset your password and get right in to Windows Vista. While there are ways to recover lost passwords without a password reset disk, they are often complicated and time consuming..."
Windows Vista Security Guide 1.2 -
Windows Vista Step-by-Step Guides for IT Professionals -
"These step-by-step guides provide instructions for deploying or migrating to Windows Vista, and various management tasks, including configuring security, monitoring performance, and managing printers." -
The Security Center in Windows XP and Windows Vista has become the Action Center in Windows 7, where it covers maintenance as well as security. There is plenty of information on it on the web, such as customising it and disabling it, that can be found by entering the search query action center windows 7 in a search engine. Here is an introduction to it on Microsoft's website:
What is Action Center? - "Action Center is a central place to view alerts and take actions that can help keep Windows 7 running smoothly." -
June 24, 2006. - On July 11, 2006, Microsoft ended support for both Windows 98, Windows 98 Second Edition (SE) and Windows Millennium Edition (Me). This means that Microsoft will no longer provide security updates for these operating systems, and will no longer provide (paid) incident support. Only self-help support will be available until at least July 10, 2007. You can still use those versions of Windows, but, unless Microsoft changes its mind, they will not be updated after that date.
Support for Windows XP SP2 (with the Service Pack 2 update installed) has ended, but Windows XP with SP3 installed is still supported. Support for Windows Vista with the SP1 update installed ends on 12 July 2011, but Vista with SP3 installed is still supported.
Visit http://support.microsoft.com/lifecycle/ for the latest information on the lifecycles of Microsoft's products.
Many home users share an Internet connection wirelessly between two or more desktop and laptop PCs. The sharing is done over a wireless network (which could also be a mixture of a wired and a wireless network). If that is the case, you should investigate what Windows SteadyState has to offer.
"Windows SteadyState, successor to the Shared Computer Toolkit, is designed to make life easier for people who set up and maintain shared computers."
"Parents can use Windows SteadyState to help control and enhance their children's computer experience. They can customize the computer to be safer and easier to use. Internet access can be carefully controlled. Different levels of restriction can be applied for different children. In cases where a single machine is used by children and parents, the parents' configurations, programs, and files can be completely isolated from access by the children."
Time limits can also be set.
SteadyState Version 2.5 supports Windows Vista. Watch the demonstration here:
Microsoft has decided not to provide a Windows 7 compatible version of SteayState. The following article explores the consequences of this decision. There is some useful information in it on protecting your security while using public computers in libraries, wireless hotspots and Internet cafes, etc.
Microsoft decision puts public libraries at risk -
"The company announced it would not upgrade the free application, SteadyState, to Windows 7 compatibility, angering many of the folks who manage public-access PCs. People who manage library PCs say they don't have money to pay for third-party products that protect public PCs from malware and malicious users." -
If you are a user of Windows XP, when using Windows Vista or Windows 7 you'll soon notice that those versions of Windows require permission to install software, and, if you have a utility such as the free CCleaner installed and set to clean the system at startup, Windows Vista/Win7 asks your permission to allow it to perform its cleanup during startup. The User Account Control is responsible for those security measures.
User Account Control (UAC) improves the security of the system it is running on by limiting software to standard user privileges until an increase in privilege level is authorised by a user with administrator privileges. In this way, only applications that the user trusts receive higher privileges, and spyware and viruses are prevented from installing themselves. In short, a user account can have administrator privileges assigned to it, but software that the user runs do not also have those privileges unless they are approved beforehand, or the user authorises it to have those higher privileges. Application software that has been installed will run without interference, but if it attempts to make unauthorised changes to the system, Windows Vista/Win7 asks the user for permission.
If you are logged into a Windows Vista/Win7 computer as administrator, and you wish to make a configuration change, a message pops up from the UAC asking 'If you started this action, continue'. You must click on that 'Continue' button before Windows completes the configuration.
You can turn UAC off if you find its nagging annoying, but it is advisable to tolerate it and to learn how to distinguish between what is safe and what is potentially dangerous. What you should never do is just click the Continue button without finding out which application brought the UAC into action, because that is how viruses and spyware can be installed.
Here are some webpages that provide additional information on UAC, including how to turn it off:
User Account Control - http://en.wikipedia.org/wiki/User_Account_Control
Understanding Windows Vista's User Account Control -
Inside Windows 7 User Account Control -
User Account Control Overview -
You can find many others by entering vista user account control or windows 7 user account control as the search queries in a search engine.
Software applications and operating systems are continually developing and are just as continually leaving gaping holes that hackers discover and exploit - and software developers are forced to patch. Therefore, it is essential to keep up to date with the latest ways and means of providing your PC or network with the most effective and cost-effective protection.
Free security analysis tools are available that can analyse the contents of a computer and determine security weaknesses. The Microsoft Baseline Security Analyzer (MBSA) is the best free product. It covers a variety of areas of importance in making a PC secure, and provides solutions wherever weaknesses are discovered. It is simple enough for intermediate computer users to use, but is also sophisticated enough for professional use. If you are a novice to computer security, you can download and run it after you have read and understood the contents of this section of this site.
The installation of MBSA requires validation via Windows Genuine Advantage. MBSA can analyse a single computer or the computers on a network. It saves each scan as a report that can be printed or copied to the Windows Clipboard. Brightly coloured icons make it a simple matter to see safe (green), questionable (yellow,) or problem (red) areas. Additional information, indicated by a blue icon, is also provided. Each entry in the report links to help text that explains what was scanned and, in many cases, provides details on the results. If a problem is discovered, a "How to correct this" link is made available. The help files often link to additional files online, such as Microsoft Knowledge Base articles.
Microsoft Baseline Security Analyzer -
"Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems." -
The ten essential protection methods to employ are:
Keep your computer that is running Windows XP/Windows Vista and Internet Explorer updated with the latest updates from Microsoft Update. If you use another operating system (e.g., Linux) or Internet browser (e.g., Mozilla Firefox), visit its site for updates. Microsoft makes security updates available once a month on "Patch Tuesday" - the first Tuesday of the month. Many add-ons have been created for the Firefox browser, some of which enhance security, such as the following add-ons:
8 essential privacy extensions for Firefox - Protect your online life from prying eyes with these key Firefox privacy add-ons -
You can find out how your Windows XP computer downloads and installs updates by opening Automatic Updates in the Control Panel.
In Windows Vista it is called Windows Update and it can be found under the Security and the System and Maintenance sections of the Control Panel.
Windows Update [in Windows Vista]-
Click here! to go to the Security updates page on Microsoft's site.
A computer can have several old programs installed on it that require patches or updating in order not to be a security risk. The most common programs are Java, Flash Player, QuickTime, Adobe Reader, WinZip 8.x, RealPlayer, Yahoo! Messenger 8.x, and Winamp 5.x. Sometimes when you install the latest version, the old version can be left installed. If that is the case it doesn't present a security risk, because the latest version is being used. You can check if you have any unpatched software by downloading and using the free Secunia Personal Software Inspector.
Secunia Personal Software Inspector (PSI) -
"The Secunia PSI is available free of charge. Secure your PC. Patch your applications. Be proactive. Scan for Insecure and End-of-Life applications. Track your patch-performance week by week. Direct and easy access to security patches. Detect more than 300,000 unique application versions." - https://psi.secunia.com/
You can also download and run the filehippo Update Checker that finds updates.
filehippo.com Update Checker - "Welcome to the new filehippo.com Update Checker! We're currently beta testing this exciting new addition to our website and have released it as a public beta for everyone to download. What is it? The Update Checker will scan your computer for installed software, check the versions and then send this information to filehippo.com to see if there are any newer releases. These are then neatly displayed in your browser for you to download." - http://www.filehippo.com/updatechecker
The following article provides information on this subject:
Unpatched software abounds on user systems -
Instead of Internet Explorer (IE) use an alternative such as Mozilla's Firefox. Every hacker and malware programmer on earth is constantly trying to find ways of exploiting Internet Explorer (currently up to version 9.0, which can only be run on Windows Vista and Windows 7 desktop and laptop PCs (unfortunately not with Windows XP).
Apparently IE9 is more secure than any previous version of Internet Explorer. IE9 and Google's Chrome web browsers now both provide warnings of dangerous downloads.
Google Chrome web browser warns users about dangerous Windows downloads -
You can keep Internet Explorer installed in case you have to use it for certain sites that won't work without it. As long as you have sufficient system resources, you can have as many browsers as you like installed and running at the same time, so if you can't get a site to work with Firefox, open Internet Explorer and use it instead.
Firefox is highly resistant to malware infection. Every method of installing malware through Firefox requires the user to give permission to install it. The rule of thumb for any browser is if a message suddenly appears for no reason asking for permission to install software, or to run a script, always click No unless you know exactly why your permission is required to install a program or run a script that makes the browser take certain defined actions.
However, if you must use Internet Explorer, then make sure that you are using at least version 7 (Internet Explorer 7), which has improved security features, such as a Phishing Filter. Internet Explorer 8 is available and Internet Explorer 9 will soon be officially released (it was in beta test form in January 2011). Note that IE6 is no longer supported by Microsoft.
Troubleshoot and solve problems in Internet Explorer [IE7, IE8 and IE9] -
You can use Web of Trust (WOT), a browser plugin, for extra protection. It can warn you if you're visiting undesirable sites in your web browser itself, which could Internet Explorer, Firefox, Opera, Chrome or Safari. It shows its website ratings in search engine results as well. - http://www.mywot.com/
You should note that WOT uses user input to gauge a website's safety levels, so, if enough users vote it unsafe in any safety category, it will be classified as unsafe in that category. This means that websites that are completely safe, such as those belonging to advertising companies, which many users don't like or want to sabotage, even though they help keep web access free, can be voted unsafe when they are completely safe to use.
For the same reasons, for an e-mail program, instead of using Microsoft's Outlook Express, use Mozilla's Thunderbird. It won't execute dodgy scripts or launch the malware programs that an unpatched installation of Outlook Express does. Even with all of the latest security updates installed, Outlook Express still draws images into e-mails that it can display in its preview window. The sender of the message can use an image only a screen pixel in size to find out if your e-mail address is active and then sell it so that you get flooded with spam. Thunderbird doesn't do that. It can be a little problematic occasionally, but it makes up for that by having a superb spam filter. All you have to do is configure its Junk Mail Controls under the Tools menu, and then highlight a spam message and hit its Junk button. The spam filter learns what sort of e-mail you would rather not see in your Inbox. After all of the e-mail messages have been downloaded, the spam is transferred to the Junk box from where it can be deleted or set to be deleted after a specific period. If it flags a valid message as spam, you can tell it that it has made a mistake and it shouldn't repeat it.
Have a good software firewall installed and properly set up to block illicit incoming and outgoing Internet traffic. There are many good free firewalls listed in the security links section further on the next page. Aparet from the Windows Firewall that is built into Windows XP, Vista and Win7 & 8, my personal preferences are for the free Comodo and ZoneAlarm firewalls. It is easy to install and configure, and it will provide excelent protection when used it in conjunction with a virus scanner, such as the free version of AVG AntiVirus, and the (Microsoft) Security Essentials and Spybot Search & Destroy spyware scanners. Comodo now also provide free Anti-Malware, AntiVirus, and Website Authentication software.
Review roundup: Slim is in for Windows desktop firewalls -
"You don't need a bloated security suite to get the best protection from a firewall -- in fact, many of the biggest names offer less protection than simpler, lesser-known firewalls..." -
Also covered in the April 2007 newsletter is "The Vista Firewall Situation", which discusses the current situation regarding the Windows Firewall provided by Windows Vista. Very few of the popular software firewalls currently support Vista. A situation that will definitely be changing rapidly as the software firewall developers rush to get their acts together. In the meantime, Vista users will have to make do with the Windows Firewall. The newsletter has this to say about the situation: "In case you think you don't need a firewall, be advised that while Vista's Windows Firewall is mildly improved, the added outbound protection isn't turned on by default, and you may find it difficult to configure. Windows Firewall still does not offer full firewall support. It's better than nothing if you don't have a third-party software firewall, but that's about it."
Comodo Firewall Pro - "It's Free. Forever. No Catch. No Kidding - The Award-Winning Comodo Firewall Pro - PC Magazine Online's Editor's Choice - Secures against internal and external attacks - Blocks internet access to malicious Trojan programs - Safeguards your Personal data against theft - Delivers total end-point security for Personal Computers and Networks - Install now for out-of-the-box protection against identity theft hackers, Trojans, scripts and other unknown threats." -
Comodo now also provide free Anti-Malware, AntiVirus, and Website Authentication software.
ZoneAlarm Free Firewall [Less intrusive than the Comodo Firewall. Other paid-for security products are also available] -
Windows XP and Windows Vista have the Windows Firewall that can be accessed from the Control Panel. However, even the improved version that comes as part of Windows Vista, which, unlike the version in Windows XP, provides protection against illicit outgoing Internet traffic if configured correctly, is only better than not having any firewall protection.
Under normal circumstances, you should not be using two or more complex security products of the same kind, such as virus scanners and firewalls to monitor a system at the same time, because doing so can cause problems. However, I have been using the free version of ZoneAlarm in conjunction with the Windows Firewall in Windows XP and in Windows Vista without any problems. Just make sure that the following setting in ZoneAlarm is disabled otherwise it disables the Windows Firewall: Firewall => Main tab => Advanced button => Disable Windows Firewall.
Note that other security products, such as Norton AntiVirus, also have a setting that disables the Windows Firewall that is enabled by default. You can check if it is turned on or off under Start => Control Panel => Windows Firewall.
If you use a router to connect several computers to an Internet connection wirelessly, you should know that all routers have a feature called Network Address Translation (NAT). The router accesses the web with its own IP address, hides the IP addresses of the computers in the network, and sends the downloaded information to the internal IP addresses in the network. Most routers also have an inbuilt hardware firewall that can be enabled or disabled. You can run a software firewall on each computer in a network and make use a hardware firewall.
4. -Use a good virus scanner/anti-virus software
Install a good virus scanner and make sure that it is updated regularly with the latest virus definitions. The latest free version of the AVG Anti-Virus scanner is set to download updates by default as soon as the user goes online. A message come up asking for permission to do so.
Obtain it from this page: http://free.avg.com/gb-en/download#avg-free.
Steganos AntiVirus 2007 - Anti-virus software - Five stars - Best Buy award by Computer Shopper in February 2007. "In our recent Labs test, it beat every other anti-virus application hands down." - £20 in June 2007
An excellent paid-for virus scanner is Nod32 from: http://www.nod32.com/.
Note that you should not have two or more virus scanners actively monitoring the system at the same time (e.g. when you're online), because doing that can cause system lock-ups. You should only have one virus scanner monitoring the system in real time. However, you can have several virus scanners installed as long as only one of them is actively monitoring the system. You can update all of them and use each of them (one at a time) to run virus scans.
Download and install at least one reputable spyware and adware removal tool, and make sure that it is also regularly updated, because the creators of spyware and adware are constantly trying their utmost to defeat the removal tools. The three best free removal tools are probably Microsoft's Security Essentials, Spybot Search & Destroy and Ad-Aware.
You can pay for some excellent spyware scanners, some of which provide a free trial period in which you can test the scanner's effectiveness.
Note well that there are rogue spyware scanners that are ineffective and charge for 'removing' spyware. Spyware Blaster is a good scanner, but check that it is created by Javacool Software, because there is a rogue program with the same name that is being made available.
Sunbelt CounterSpy is an excellent product that can find spyware and backdoor Trojans that can make an infected computer send information to a remote location on the web, or download and install more software that compromises the computer's security.
"This is a great anti-spyware program..." An excellent spyware detection rate and exceptional value made CounterSpy Computer Shopper Magazine's Best Buy Award winner for fall 2006!" - Download the Free 15-Day Trial -
Spyware Warrior - http://spywarewarrior.com/ - has been exposing fraudulent and misleading antispyware products for several years. If you see an enticing advertisement for an antispyware, which can be delivered by reputable sites such as Google, Live.com, and Yahoo, you should check its reputation on the Spyware Warrior site before making a purchase, because the advertisements for products that generate false positives in order to fool users into purchasing their 'cure', and/or which use aggressive or misleading advertising can appear before the product is discredited with the advertisers, who then withdraw the advertisements.
XsoftSpy used to be considered a rogue scanner by spyware experts, but the Spyware Warrior site says that its problems have been sorted out, and it is therefore no longer considered a rogue product. It can also find spyware and Trojans not detected by other spyware scanners.
XoftSpy - http://www.xsoftspy.com/
Anti-Spyware Testing - http://spywarewarrior.com/asw-test-guide.htm
The Spyware Warrior site contains plenty of first-rate research on and insight into spyware threats and anti-spyware tools/utilities. It has a forum section that is well worth visiting. It stands out among all of the many other similar sites.
The Spyware Warrior Guide to Anti-Spyware Programs - Feature Comparison:
To access password-protected websites such as online banking sites, PayPal, eBay, etc., make sure that you use passwords that are difficult to guess or crack with the special password-cracking software that hackers use to obtain passwords. That kind of software can be loaded with dictionaries and algorithms so that it can try using words, combinations of words, and the methods people use to create passwords until it succeeds in gaining access to an account. There is plenty of advice on the web on how to create secure passwords.
Almost 16 million [people] use same password for every website, study finds -
"People are in danger of falling victim to internet fraud because we use the same password for almost every website, a new study has found." -
If you enter the search term such as passwords + guide in a search engine, you'll find links such as these two that I found myself:
Secure Password Guide - http://www.strangecode.com/support/passwords.php
Secure Password Generator - http://www.andrewscompanies.com/tools/passwords.asp
Gmail flaw shows value of strong passwords -
"The disclosure of a back door allowing bad guys to repeatedly guess Gmail passwords should remind us all to protect our accounts with long and strong character strings." -
Note well: most websites that hold sensitive information that can be accessed by logging in by entering a user name or e-mail address and a password don't allow more than a certain number of attempts (usually three) before the attempts are stopped. Any password-cracking software would have to log on, try three attempts, log off, and then log on again and try another three attempts, etc. The only reason password-cracking software can crack passwords is because it can make many millions of guesses in a minute. The cap on the number of logons allowed from a single IP address is why the thieves have resorted to using e-mail messages made to look as if they came from eBay, banks, and PayPal, etc., in order to trick clients into providing their login information.
Here is the reply I received from PayPal when I asked how secure a user's website account is if a user's e-mail address can be discovered just by running it on the user's website, and then only a password is required to gain access to that account:
"Thank you for contacting PayPal. We apologize for the delay in responding to your service request. I can assure you that PayPal goes above and beyond when it comes to the safety of your account and personal information. PayPal has several barriers for hackers to go through. Even if someone attempted to figure out your password an account will be locked after a certain number of failed attempts just as one example."
If you are using Windows XP Home Edition, make sure that you set a password that you have to enter in order to logon at start-up. When you set a password, you can create a prompt that reminds you what the password is without revealing it. If you happen to forget the password, just click the question mark beside the logon box on the Welcome screen to make the reminder appear.
In Windows Vista, passwords are set for each User Account. To access the User Accounts, click on the Start button, open the Control Panel and click on User Accounts and Family Safety. If you're using the Control Panel 's Classic View, which makes the Control Panel look as it does in Windows XP, you won't see User Accounts and Family Safety, so just double-click on the User Accounts icon. The following article shows you how to set passwords for User Accounts.
Securing Your Windows Vista Computer -
How To Create a Windows Vista Password Reset Disk -
"Creating a Windows Vista password reset disk can really come in handy if you forget your account password. With it, you can easily reset your password and get right in to Windows Vista. While there are ways to recover lost passwords without a password reset disk, they are often complicated and time consuming..." -
Note that the logon passwords that you can set for Windows 95, Windows 98, and Windows Me are a waste of time, because anyone just has to click the Cancel button to get past them. Only the passwords used by the Windows NT family of operating systems (Windows NT, Windows 2000, and Windows XP) cannot be bypassed.
You, the computer's owner, are the Administrator. You don't have to set a password when The Home Edition of XP is installed as you do have to with the Professional Edition. This means that anyone who can turn the computer on can access the system and make any changes to it that you are able to, including changing the password. If you have a brand-name PC with the Home Edition pre-installed, it probably won't have a password set. Note well that an Administrator account without a password makes it more vulnerable to potential hackers.
In the Home Edition of XP, you use User Accounts in the Control Panel to set a password for the Administrator account.
Visit the Recovering Windows XP page on this site for information on how to recover a forgotten Administrator login password.
Neither Windows XP Home Edition, nor XP Professional Edition can protect a specific folder or file with a password. You can only password-protect an Administrator or a Limited User Account. Moreover, Windows XP has to be using its native NTFS file system, not FAT32.
Keep data Private - http://www3.telus.net/dandemar/private.htm
Never respond to e-mail messages that seem to come from banks, PayPal, eBay, etc., that ask you to verify your account details, or e-mails saying that you have received an e-card greeting, because they are all methods of obtaining your user names and passwords, or of installing Trojan backdoor software that can send your personal information back to its originator from your computer.
If you receive a message that says you have received an e-card, which doesn't use your name and provides a link to click, if you click it, you'll be taken to what looks like a genuine e-card site. You'll have to enter the code that was provided in the e-mail message in order to gain access to a non-existent e-card, but when you enter the code a message saying something such as, "Your browser doesn't have a Flash player for e-cards". Your browser will then produce a message asking if you want to download and install a file. Refuse permission, because that file isn't a Flash player, it's a Trojan backdoor program that will compromise the security of your computer.
Make sure that you use some kind of backup system regularly that enables you to recover from a system failure that makes Windows unable to start up. There are many ways to creat all kinds of backups, with many different programs, tools / utilities. You can create a restoarble master image of the entire system and burn it to recordable CD/DVDs, or, if you have a Windows CD and the CDs/DVDs of your application software, you can just make backups of the data files and settings. In the event of an irrecoverable system crash, you can reinstall Windows and all of your applications and then restore your data files and settings.
Visit this page on this site for more information: Software: Data Recovery - Back-ups - Programs and Methods Used to Create Backups.
No security precautions are foolproof. The actions to be taken should you computer be infected by a virus or spyware are listed very well on this page:
A step-by-step guide to dancing The Security Tango! -
"Windows Live Safety Center is a new, free service designed to help ensure the health of your PC. Check for and remove viruses and spyware. Improve your PC's performance. Get rid of junk on your hard disk. Use the full service scan to check everything, or turn to the scanners and information in the service centers to meet your specific needs." -
"When you're outside of a domain environment, XP has some features missing. XP Home leaves you completely without the Group Policy Editor, while XP Pro lacks the ability to use the Group Policy Editor to selectively apply policies to specific users. Well, that's about to change. Doug's Windows XP Security Console allows you to assign various restrictions to specific users, whether you're running XP Pro or XP Home." -
From Help and Support in Windows XP: "When you run Microsoft Windows XP Service Pack 2 (SP2) [or any other version of Windows XP] using the Computer administrator account, your computer is more vulnerable to viruses and other security risks than when you use the Limited account. For example, if you are using the Computer administrator account when you visit a Web site that contains a virus, a Trojan horse might be installed on your computer where it could do things like reformat your hard drive, delete all your files, or create a new user account with administrative access. By contrast, if you are using the Limited account when you visit an Internet site that contains a virus, your computer is less likely to be infected by it. The Limited account is the most reliable account type because it does not allow users to download or install programs (activities that make a computer vulnerable if not done correctly). You can perform routine tasks, such as running programs and visiting Internet sites, without exposing your computer to unnecessary risk. The Limited account can restrict you from running certain programs and prohibit you from installing programs or adding printers. If you need to install a program, add a printer, change system settings, or run a specific program that won't work under the Limited account, you can log off and then log back on using the Computer administrator account. If you frequently need to log on as an administrator, you can use the runas command to start programs as an administrator. For more information about using the runas command, click Related Topics."
Note that a Limited account does not provide complete protection against virus infection, because some sophisticated viruses can install themselves in one, such as the Antivirus 2008/Antivirus 2009 virus, which goes by several other names. Moreover, Limited accounts can be the cause of problems such as the PC's antivirus scanner not being able to update from it. If you have children, you will also be constantly asked to install or run a program that requires administrator approval.
There is no need to use a Limited account in Windows Vista because of its User Account Control feature that asks for user permission before any software can be installed.
Understanding Windows Vista's User Account Control -
User Account Control Overview -
You can create a Limited account under User Accounts in the Control Panel. You have to do that yourself because Windows XP only creates the Computer administrator account by default.
If your Windows PC doesn't require a password to be entered in order to allow Windows to start up past the password entry point, set an Administrator or User Account password under Start => Control Panel => User Accounts. Then, when you leave the computer unattended just press one of the Windows keys that have a Windows flag on them and the L key (in upper or lower case). Windows doesn't shut down, but the password entry screen appears and the password has to be entered in order to be able to use the computer.
There are viruses that are capable of hiding themselves from the virus scanner used to monitor a system while online in real time (you shouldn't use more than one to monitor an online connection), or the virus scanners you use to scan the system offline. If your system is infected with such a virus, you therefore need a way of scanning the system before the virus can load itself during system start-up. You can do this by pressing the F8 key repeatedly after the memory count and before Windows loads. This brings up a boot menu. Choose the option called Safe Mode with Networking. This mode prevents most viruses from running while also allowing you to go online to scan the system with a free online virus scanner such as the one here: http://housecall.trendmicro.com/.
You might also be able to run any virus scanners installed in the system in that mode.
The creators of malware (spyware and adware) often use tricks to get you to install it, such as when a message produced by a website repeatedly asks you to accept a download even after you've clicked No. If this happens, don't ever click Yes. Instead try closing the webpage that required you to accept the download by clicking on the X in the corner of the page's window. Alternatively, close the connection down and log on to the Internet again. If the page won't close, use the Ctrl + Alt + Del key combination and shut the browser itself (Internet Explorer, Firefox, etc.) down. If you visit a site that continually displays pop-up windows of that kind it should be avoided in order to prevent the security of your system from being compromised.
It is advisable never to have more than one one software firewall, virus scanner, or spyware monitor providing active reat-time protection at the same time. Doing so can usually slow the system down severely, and the different software can conflict and prevent two virus scanners, etc., from providing proper active real-time protection. However, I have been using the free version of ZoneAlarm in conjunction with the Windows Firewall in Windows XP/Windows Vista without any problems, probably because they are both basic firewalls, not the complex paid-for products. Just make sure that the following setting in ZoneAlarm is disabled otherwise it disables the Windows Firewall: Firewall => Main tab => Advanced button => Disable Windows Firewall. (Unfortunately, the free version of ZoneAlarm will not install on Windows Vista Beta 2.) With the complex products, it is all right to use different scanners on the same system as long as you run their scans separately. This is desirable with virus and spyware scanners because none of them provides complete protection. For example, I have discovered that running the free online virus scanner provided by Trend Micro from http://housecall.trendmicro.com/ can identify and remove viruses that other scanners miss.
Note that other security products, such as Norton AntiVirus, also have a setting that disables the Windows Firewall that is enabled by default. You can check if it is turned on or off under Start => Control Panel => Windows Firewall.
Note that it is all right and advisable to make use of a software firewall in conjunction with the a hardware firewall, such as the limited hardware firewall protection that broadband routers can provide. And note that the firewall that is built into Windows XP doesn't detect or warn against traffic that is outward bound from the computer, it can only detect and prevent traffic that is inward bound. For that reason, you should disable it and use a software firewall that protects against outgoing and incoming traffic, such as ZoneAlarm. Viruses and Trojans, etc., once installed, always try to phone home. They create outgoing traffic that the Windows firewall can't detect or stop.
The most intensive scan on a computer is the usually a malware scan with an updated scanner. But, if the computer has active, always-on, real-time virus and spyware protection running constantly, full scans are mostly unnecessary because they doesn't usually find any viruses or serious spyware. This is the case with me, and I can't recall the last time a malware scan found anything on any of my computers, so I schedule Microsoft Security Essentials (MSE), which scans for all types of viruses, worms and malware, to run a scan once a day and use the Windows Task Scheduler to run a full scan overnight once a week, just in case a dangerous virus or some spyware somehow managed to slip through undetected. There are plenty of articles on how to use the Task Scheduler in XP, Vista and Win7 on the web.
For those of you who don't know, a hotspot is a place that allows a user equipped with a laptop computer that is itself equipped with a wireless network adapter to log on to the Internet, either as a free or as a paid-for service.
It can be difficult to determine if you have logged on to to genuine hotspot or not. All a con artist has to do is give the wireless connection installed on a laptop a plausible name or SSID (Service Set Identifier), and set it to be connected to on an Ad Hoc basis that connects computers equipped with wireless adapters directly to each other instead of via a wireless access point (a wireless switch). Then, when someone comes along to the bar or pub, etc., who is under the impression that it offers a hotspot to its customers, that person's wireless-equipped laptop will identify all of the open networks in the area. If the person decides to network with the con artist's computer instead of make use of the genuine hotspot, he or she won't be connected to the web. If the genuine hotspot requires users to enter a credit-card number before it allows them to use it, the con artist can create a phoney web page that allows those details to be stolen. If the unsuspecting person is able to make use of websites, such as the sites of banks, etc., they have been cached on the con artist's laptop computer. Any logon or account details that the person enters will also be made known to the thief.
Anyone who makes use of a hotspot is best advised to make use of them to access public websites only, but if you have to access a private account of any kind, you should make sure that the site address starts with https:// instead of just the http:// and that the secure yellow padlock icon appears on the bottom bar of the browser that means that the connection to the site is securely encrypted. You should also make sure that your wireless network settings are set so that you have to connect manually instead of automatically to wireless networks or hotspots.
To disable the ability of Windows XP to connect automatically to any available network or hotspot, double-click the wireless network's icon in the System Tray (Notification Area) in the bottom left corner of the screen. In the window that presents itself, click Change the order of preferred networks, and then click the Advanced button that appears under the Wireless Networks tab. Enable the Access point only option and disable the the Automatically connect option, and click on Close.
How to protect yourself at wireless hot spots -
"They can be an invitation to disaster, says Preston Gralla, who offers a surefire plan to avoid security breaches." -
The spammers send you an e-mail of the kind shown below that will outrage you so that you click the link they provide in the message. By clicking it you confirm that your e-mail address is valid and active. They can then sell the address to advertisers, so never click the link, and, for the same reason, never click the unsubscribe link on any other e-mail message, no matter how much you want to stop the messages being sent to you, because a flood of other spam no doubt come your way.
Hello! It has been requested that the following address: [email protected] should be added to the [an extremist group is named here] mailing list. You have been successfully subscribed to our mail list.
To unsubscribe from our mail list, just click this link:
Consider using some Intrusion Detection Software (IDS), which can often catch intrusions that virus and spyware scanners and tools (IPS - Intrusion Prevention Software) miss, but which all too often uses up plenty of system resources. Therefore choosing the right product can be difficult, involving trading off the degree of protection that is provided against the system resources used.
IDS programs detect malware trying to get into a computer by judging its behaviour instead of matching a signature. It's analogous to a detective catching a thief by looking for his methods of operation instead of finding his fingerprints. Anyone who uses WinPatrol or SpyBot's TeaTimer are using a form of IDS.
Many IPS programs, such as Spybot S&D, also contain an IDS program, such as the Spybot TeaTimer.
Free Intrusion Detection (IDS) and Prevention (IPS) Software -
Mike Lin's Start-up Monitor informs you if a program or Trojan wants to make itself a start-up program that loads at boot-up. This is a valuable line of defence that is well worth installing. You can obtain the program free of charge. If you find it useful you can give Mike a donation from his site mlin.net.
Microsoft Security Essentials - The much-improved Version 2 was made available in January 2011. -"...provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software". This scanner provides home users with all of the anti-malware protection that they require. However, you still require to be protected by a software firewall. The Windows Firewall enabled by default in Windows 7 is adequate, but you should use a third party firewall, such as the free Comodo Firewall if you are using Windows XP and Windows 7, because the Windows Firewall is not good enough in those versions of Windows. -
What's new in the Windows 7 Firewall? -
Sunbelt CounterSpy is an excellent product that can find spyware and backdoor Trojans that can make an infected computer send information to a remote location on the web, or download and install more software that compromises the computer's security.
"This is a great anti-spyware program..." An excellent spyware detection rate and exceptional value made CounterSpy Computer Shopper Magazine's Best Buy Award winner for fall 2006!" - Download the Free 15-Day Trial -
Comodo BOClean : Anti-Malware Version 4.25 -
"Protect yourself [free of charge] from online identity theft. The greatest threat on the Internet today is having your personal information hijacked remotely" -
Microsoft Windows Malicious Software Removal Tool (KB890830) -
"Overview - The Microsoft Windows Malicious Software Removal Tool checks Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software — including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder. This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product. Microsoft will release an updated version of this tool on the second Tuesday of each month. New versions will be made available through this web page, Windows Update, and the Malicious Software Removal Tool Web site on microsoft.com. To have the newest versions automatically delivered and installed as soon as they are released, set the Automatic Updates feature (in the Control Panel) to Automatic. The version of this tool delivered by Window Update runs on your computer once a month, in the background. If an infection is found, the tool will display a status report the next time you start your computer. If you would like to run this tool more than once a month, run the version that is available from this Web page or use the version on the Malicious Software Removal Tool Web site." -
Spybot Search Destroy: http://www.safer-networking.org/en/download/index.html
There are special security measures that have to be implemented to make a wireless network secure. Read the Q&A on this site called How can a wireless network be made secure?
Crucial no longer provides security software with its flash drives because of having to devote too much time to support issues. There's no need to worry if that is the case with a flash drive you've purchased. If you want to keep the data on a flash drive secure, you can make use of a third-party encryption utility, many of which are free. If the data on the flash drive is scrambled to a high degree it's secure because only expert hackers could crack the encryption, which none of them would bother to do. There are utilities, such as WinZip, that can compress and encrypt files by using up to 256-bit AES encryption so that they take up about half or less of their uncompressed space, making them secure from everyone who isn't an expert hacker. WinZip isn't free, but there are many free standard encryption tools, most of which don't provide compression, that are nevertheless very easy to use.
You can make use of a search engine to conduct your own search using a search query such as free file folder encrypt.
Click here! to go directly to information on flash drives on this site.
CCleaner from ccleaner.com is a freeware system optimization and privacy tool. It removes unused files from your system - allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as the index.dat files, one of which contains a history of your browsing that cannot be deleted while Windows is running because it is a system file. If Microsoft can gain access to the file, which seems most likely, it has a history of the sites you visit. It is fast, usually taking less that a second to run, and contains no spyware or adware.